danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆63,853Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- Directory/File, DNS and VHost busting tool written in Go☆12,059Updated this week
- Fast web fuzzer written in Go☆14,211Updated 2 months ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,569Updated last year
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆17,800Updated last week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆67,143Updated last month
- In-depth attack surface mapping and asset discovery☆13,183Updated this week
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆8,966Updated last year
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆11,787Updated 8 months ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,427Updated last year
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,625Updated 2 months ago
- Impacket is a collection of Python classes for working with network protocols.☆14,484Updated this week
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,300Updated last year
- A swiss army knife for pentesting networks☆8,794Updated last year
- Fast subdomains enumeration tool for penetration testers☆10,448Updated 11 months ago
- List of Awesome Red Teaming Resources☆7,322Updated last year
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,556Updated last month
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,418Updated 4 years ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆8,982Updated last year
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆9,985Updated last week
- Attack Surface Management Platform☆8,834Updated 3 weeks ago
- A fast, simple, recursive content discovery tool written in Rust.☆6,710Updated 2 months ago
- Web application fuzzer☆6,204Updated 10 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,339Updated 8 months ago
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆7,683Updated this week
- 🎯 Command Injection Payload List☆3,357Updated 11 months ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,645Updated 5 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,222Updated 4 months ago
- Linux privilege escalation auditing tool☆6,018Updated last year
- A Workflow Engine for Offensive Security☆5,679Updated last month
- Monitor linux processes without root permissions☆5,511Updated 2 years ago