danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆68,463Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- Fast subdomains enumeration tool for penetration testers☆10,779Updated last year
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,790Updated 2 years ago
- Fast web fuzzer written in Go☆15,498Updated 9 months ago
- Impacket is a collection of Python classes for working with network protocols.☆15,362Updated 2 weeks ago
- Directory/File, DNS and VHost busting tool written in Go☆13,332Updated 2 weeks ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆19,151Updated last week
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆10,810Updated last week
- In-depth attack surface mapping and asset discovery☆14,042Updated this week
- GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.☆12,538Updated last week
- Web application fuzzer☆6,384Updated last week
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆74,736Updated last week
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,340Updated 2 months ago
- A fast, simple, recursive content discovery tool written in Rust.☆7,441Updated last week
- Most advanced XSS scanner.☆14,673Updated 9 months ago
- Fast passive subdomain enumeration tool.☆12,943Updated this week
- Web path scanner☆13,922Updated last week
- A swiss army knife for pentesting networks☆9,036Updated 2 years ago
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,710Updated last year
- CTF framework and exploit development library☆13,212Updated last week
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆9,184Updated 2 years ago
- hydra☆11,596Updated this week
- Nikto web server scanner☆10,007Updated last month
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,870Updated 2 months ago
- Automated All-in-One OS Command Injection Exploitation Tool☆5,594Updated last week
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,835Updated 3 years ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,795Updated 2 years ago
- RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data☆6,728Updated last month
- 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻☆7,122Updated last year
- E-mails, subdomains and names Harvester - OSINT☆15,512Updated this week
- A Tool for Domain Flyovers☆5,892Updated 3 years ago