danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆63,668Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- Fast web fuzzer written in Go☆14,175Updated 2 months ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,561Updated last year
- Fast passive subdomain enumeration tool.☆11,856Updated this week
- Web path scanner☆13,044Updated last week
- In-depth attack surface mapping and asset discovery☆13,165Updated this week
- Directory/File, DNS and VHost busting tool written in Go☆12,033Updated last week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆66,233Updated last month
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆7,191Updated 11 months ago
- Most advanced XSS scanner.☆14,078Updated 2 months ago
- Web application fuzzer☆6,201Updated 10 months ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆17,755Updated 3 weeks ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆8,963Updated last year
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆11,787Updated 8 months ago
- Fast subdomains enumeration tool for penetration testers☆10,429Updated 10 months ago
- Attack Surface Management Platform☆8,834Updated 3 weeks ago
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆9,985Updated this week
- A Tool for Domain Flyovers☆5,783Updated 3 years ago
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆8,965Updated last year
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,427Updated last year
- The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.☆17,743Updated 3 weeks ago
- HTTP parameter discovery suite.☆5,713Updated 4 months ago
- A fast, simple, recursive content discovery tool written in Rust.☆6,710Updated 2 months ago
- RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data☆6,223Updated last month
- Some setup scripts for security research tools.☆8,935Updated 3 months ago
- Knock Subdomain Scan☆4,016Updated 3 weeks ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆5,934Updated last month
- A list of interesting payloads, tips and tricks for bug bounty hunters.☆6,168Updated last year
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,338Updated 8 months ago
- Next generation web scanner☆5,931Updated 11 months ago
- A curated list of CTF frameworks, libraries, resources and softwares☆10,479Updated 11 months ago