bl4de / dictionariesLinks
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
☆242Updated last year
Alternatives and similar repositories for dictionaries
Users that are interested in dictionaries are comparing it to the libraries listed below
Sorting:
- Common Web Managers Fuzz Wordlists☆173Updated 2 months ago
- Smart ssrf scanner using different methods like parameter brute forcing in post and get...☆276Updated 4 years ago
- HTTP file upload scanner for Burp Proxy☆488Updated last year
- Another way to bypass WAF Cheat Sheet (draft)☆424Updated 6 years ago
- Advanced Burp Suite Logging Extension☆667Updated last year
- Automated blind-xss search for Burp Suite☆285Updated 5 years ago
- A mini webserver with FTP support for XXE payloads☆331Updated last year
- Rock-On is a all in one Recon tool that will just get a single entry of the Domain name and do all of the work alone.☆297Updated 5 years ago
- SSLScrape | A scanning tool for scaping hostnames from SSL certificates.☆332Updated 4 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆723Updated 6 years ago
- List DTDs and generate XXE payloads using those local DTDs.☆629Updated last year
- Toolkit to detect and keep track on Blind XSS, XXE & SSRF☆295Updated 5 years ago
- Python tool to find potential Server Side Reqest Forgery (SSRF) vulnerability parameters.☆320Updated last month
- HTTP file upload scanner for Burp Proxy☆409Updated 2 years ago
- simple script to extract all web resources by means of .SVN folder exposed over network.☆466Updated last year
- A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)☆622Updated last year
- ☆277Updated 2 years ago
- Wordlist for content(directory) bruteforce discovering with Burp or dirsearch☆214Updated 7 months ago
- An hourly updated list of subdomains gathered from certificate transparency logs☆348Updated 3 years ago
- automated web assets enumeration & scanning [DEPRECATED]☆289Updated 2 years ago
- Take a list of domains/subdomains and probe for working http/https server.☆189Updated 4 years ago
- TheftFuzzer is a tool that fuzzes Cross-Origin Resource Sharing implementations for common misconfigurations.☆315Updated 2 years ago
- kadimus is a tool to check and exploit lfi vulnerability.☆536Updated 4 years ago
- Burp Extension for a passive scanning JS files for endpoint links.☆785Updated last year
- Combined port scanning w/ Masscan's speed & Nmap's scanning features.☆151Updated 3 years ago
- Burp Suite extension to discover assets from HTTP response.☆227Updated 4 months ago
- SSRF testing tool☆244Updated 2 years ago
- Open Redirect Payloads☆617Updated 7 months ago
- Default signature for Jaeles Scanner☆321Updated 3 years ago
- This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …☆259Updated 2 years ago