danielmiessler / SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆58,351Updated this week
Related projects ⓘ
Alternatives and complementary repositories for SecLists
- Directory/File, DNS and VHost busting tool written in Go☆10,054Updated last week
- Fast web fuzzer written in Go☆12,649Updated 4 months ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆16,064Updated last week
- Impacket is a collection of Python classes for working with network protocols.☆13,509Updated 2 weeks ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,233Updated 11 months ago
- Fast subdomains enumeration tool for penetration testers☆9,856Updated 3 months ago
- In-depth attack surface mapping and asset discovery☆12,034Updated 3 weeks ago
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆8,685Updated last year
- A swiss army knife for pentesting networks☆8,438Updated 11 months ago
- Nikto web server scanner☆8,579Updated last week
- PowerSploit - A PowerShell Post-Exploitation Framework☆11,900Updated 4 years ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,019Updated last year
- Open-Source Phishing Toolkit☆11,599Updated last month
- Automated All-in-One OS Command Injection Exploitation Tool.☆4,591Updated this week
- Fast passive subdomain enumeration tool.☆10,237Updated this week
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,735Updated last year
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆8,777Updated 6 months ago
- Web application fuzzer☆5,954Updated 2 months ago
- John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating s…☆10,279Updated this week
- Attack Surface Management Platform☆8,077Updated 2 weeks ago
- A Tool for Domain Flyovers☆5,639Updated 2 years ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆5,452Updated last month
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,087Updated 2 months ago
- Exploitation Framework for Embedded Devices☆12,193Updated 2 weeks ago
- The ultimate WinRM shell for hacking/pentesting☆4,514Updated last week
- Empire is a PowerShell and Python post-exploitation agent.☆7,444Updated 4 years ago
- Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.☆4,755Updated 4 months ago
- Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C☆8,445Updated 7 months ago
- Adversary Emulation Framework☆8,494Updated last week
- Next generation web scanner☆5,542Updated 3 months ago