SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆17Feb 10, 2016Updated 10 years ago
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A script that parses nmap.xml output, identifies all SSL services and automatically performs an sslscan of each service☆14Jul 2, 2025Updated 11 months ago
- It checks how secure the program you made is and shows how vulnerable your program is.☆20Apr 20, 2017Updated 9 years ago
- Generates Flash based CORS CSRF Proof of Concepts that can be sent directly to clients☆14Jul 3, 2013Updated 12 years ago
- ☆12May 24, 2015Updated 11 years ago
- Image size issues plugin for Burp Suite☆95Jun 27, 2018Updated 7 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Repository aimed to compile scripts and tools that can be used during penetration tests to assess the security of different flash related…☆10Jan 5, 2015Updated 11 years ago
- The PDF Metadata Burp Extension provides an additional passive Scanner check for metadata in PDF files.☆11Jan 10, 2017Updated 9 years ago
- Analyzes open source bug trackers for interesting vulnerabilities☆23Feb 3, 2015Updated 11 years ago
- ☆13May 28, 2013Updated 13 years ago
- Automatically parse and tabulate Nessus findings into OpenDocument tables☆11Dec 15, 2015Updated 10 years ago
- Burp extension to increment a parameter in each active scan request☆13Jul 16, 2025Updated 10 months ago
- A quick bash script that I created in order to speed up the creation of usable kali boxes.☆13Oct 29, 2021Updated 4 years ago
- Custom stagers with python encrypting proxy☆40May 25, 2015Updated 11 years ago
- Working Rsh Client With Bind/Reverse Shell☆19Sep 15, 2015Updated 10 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Tutorial for Node.js security☆21Sep 4, 2020Updated 5 years ago
- Decrypt MITM SSL RDP and save to pcap☆53May 1, 2014Updated 12 years ago
- Tools for NTDS.dit☆17Apr 26, 2018Updated 8 years ago
- Application Security Vulnerability Periodic Table☆14Aug 25, 2014Updated 11 years ago
- morphHTA - Morphing Cobalt Strike's evil.HTA☆11Jun 3, 2017Updated 9 years ago
- Vulnerable Grails application☆43Jun 12, 2015Updated 10 years ago
- ☆37Feb 12, 2018Updated 8 years ago
- potentially dangerous files for dirbusting☆15Feb 20, 2016Updated 10 years ago
- Local privilege escalation scripts and tools☆17Aug 4, 2016Updated 9 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- event shipper for Carbon Black Defense notifications☆10Feb 25, 2023Updated 3 years ago
- Comprehensive parsing script for grepable Nmap output files. Provides a summary table, split hosts files, and URLs for web and SMB hosts.☆19Apr 17, 2020Updated 6 years ago
- A CUI Struts2 Vulnerability Exploit☆16Jul 29, 2016Updated 9 years ago
- Windows Offline Common Password Hash Checker☆29Aug 9, 2016Updated 9 years ago
- ☆64Feb 12, 2022Updated 4 years ago
- A scoreboard for Security CTF events☆37Dec 11, 2012Updated 13 years ago
- A tool to analyse JMX API security level.☆44Jul 23, 2014Updated 11 years ago
- An automated SMB relay exploitation script.☆153Oct 11, 2016Updated 9 years ago
- Yet another cross compiling reverse/bind payload generator written in Go.☆12Sep 22, 2021Updated 4 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Speeds up the extraction of password hashes from ntds.dit files. For use with the ntdsxtract project or the dshash script☆26Feb 1, 2024Updated 2 years ago
- A security scanner for Wordpress blogging engine☆32May 11, 2016Updated 10 years ago
- Linux integrity monitoring for CentOS/RHEL☆13May 13, 2020Updated 6 years ago
- Clickjacking Proof-of-Concept Exploit☆26Oct 1, 2020Updated 5 years ago
- A command line tool that sends its input data to a running procmon instance.☆16Feb 24, 2017Updated 9 years ago
- Networking exploration in golang to build a security enhanced version of netcat☆10Feb 20, 2018Updated 8 years ago
- A websocket proxy☆54Nov 13, 2017Updated 8 years ago