danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆68,593Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,802Updated 2 years ago
- Fast web fuzzer written in Go☆15,527Updated 9 months ago
- Directory/File, DNS and VHost busting tool written in Go☆13,360Updated 3 weeks ago
- GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.☆12,615Updated this week
- Fast subdomains enumeration tool for penetration testers☆10,790Updated last year
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆74,944Updated this week
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆19,215Updated last week
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆10,105Updated 4 months ago
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆10,856Updated this week
- A little tool to play with Windows security☆21,224Updated 8 months ago
- A swiss army knife for pentesting networks☆9,050Updated 2 years ago
- Web path scanner☆13,956Updated this week
- Attack Surface Management Platform☆9,378Updated 3 weeks ago
- Impacket is a collection of Python classes for working with network protocols.☆15,411Updated last week
- Web application fuzzer☆6,397Updated 2 weeks ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,351Updated 2 months ago
- In-depth attack surface mapping and asset discovery☆14,073Updated this week
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆26,889Updated this week
- Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mand…☆7,523Updated 3 months ago
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,877Updated last week
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆9,194Updated 2 years ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,815Updated 2 years ago
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,726Updated last year
- Find, verify, and analyze leaked credentials☆24,338Updated last week
- RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data☆6,747Updated 2 months ago
- Six Degrees of Domain Admin☆10,529Updated 6 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆6,297Updated last week
- A Tool for Domain Flyovers☆5,896Updated 3 years ago
- A repository with 3 tools for pwn'ing websites with .git repositories available☆4,123Updated 2 years ago
- A toolkit for testing, tweaking and cracking JSON Web Tokens☆6,347Updated 9 months ago