danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆64,252Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆68,542Updated this week
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,586Updated last year
- Fast web fuzzer written in Go☆14,330Updated 2 months ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆17,915Updated 3 weeks ago
- Directory/File, DNS and VHost busting tool written in Go☆12,176Updated last week
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆11,864Updated 8 months ago
- Most advanced XSS scanner.☆14,133Updated 2 months ago
- Impacket is a collection of Python classes for working with network protocols.☆14,550Updated last week
- In-depth attack surface mapping and asset discovery☆13,254Updated this week
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,028Updated last year
- Web application fuzzer☆6,225Updated 11 months ago
- Fast subdomains enumeration tool for penetration testers☆10,486Updated 11 months ago
- Fast passive subdomain enumeration tool.☆11,987Updated last week
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,472Updated last year
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆7,266Updated last year
- Web path scanner☆13,130Updated last month
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆10,093Updated this week
- The ZAP by Checkmarx Core project☆13,848Updated this week
- Attack Surface Management Platform☆8,898Updated last month
- Next generation web scanner☆5,969Updated last year
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,673Updated 2 months ago
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆5,121Updated 5 months ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆13,337Updated 6 months ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,450Updated 4 years ago
- Nikto web server scanner☆9,451Updated last week
- A swiss army knife for pentesting networks☆8,830Updated last year
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,340Updated this week
- E-mails, subdomains and names Harvester - OSINT☆13,038Updated this week
- Metasploit Framework☆35,942Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆24,071Updated this week