danielmiessler / SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆59,079Updated this week
Alternatives and similar repositories for SecLists:
Users that are interested in SecLists are comparing it to the libraries listed below
- Fast web fuzzer written in Go☆12,832Updated 5 months ago
- Directory/File, DNS and VHost busting tool written in Go☆10,296Updated last month
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,274Updated last year
- Fast subdomains enumeration tool for penetration testers☆9,936Updated 4 months ago
- TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.☆23,807Updated 3 months ago
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆10,988Updated last month
- Exploitation Framework for Embedded Devices☆12,247Updated last month
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆61,801Updated this week
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,082Updated last year
- CTF framework and exploit development library☆12,190Updated last month
- A swiss army knife for pentesting networks☆8,487Updated last year
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆8,716Updated last year
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,145Updated 3 months ago
- Attack Surface Management Platform☆8,180Updated last week
- Web application fuzzer☆5,977Updated 3 months ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆8,558Updated 6 months ago
- Impacket is a collection of Python classes for working with network protocols.☆13,623Updated this week
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆8,835Updated 7 months ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆20,933Updated this week
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆16,372Updated this week
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…☆6,993Updated 2 months ago
- Linux privilege escalation auditing tool☆5,694Updated 9 months ago
- Web path scanner☆12,283Updated 3 weeks ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,029Updated last month
- The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis☆29,523Updated last month
- In-depth attack surface mapping and asset discovery☆12,169Updated this week
- Six Degrees of Domain Admin☆9,959Updated 5 months ago
- The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.☆16,880Updated 2 weeks ago
- Fast passive subdomain enumeration tool.☆10,382Updated last week
- The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.☆5,178Updated 2 months ago