danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆63,117Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆8,943Updated last year
- Fast subdomains enumeration tool for penetration testers☆10,372Updated 10 months ago
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,537Updated last year
- Impacket is a collection of Python classes for working with network protocols.☆14,352Updated this week
- Fast web fuzzer written in Go☆14,028Updated last month
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,372Updated last year
- The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.☆5,313Updated 8 months ago
- A swiss army knife for pentesting networks☆8,745Updated last year
- E-mails, subdomains and names Harvester - OSINT☆12,713Updated this week
- Directory/File, DNS and VHost busting tool written in Go☆11,882Updated last week
- Fast passive subdomain enumeration tool.☆11,740Updated last week
- In-depth attack surface mapping and asset discovery☆13,051Updated this week
- A Tool for Domain Flyovers☆5,765Updated 3 years ago
- Attack Surface Management Platform☆8,777Updated this week
- Web application fuzzer☆6,186Updated 9 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆5,835Updated last week
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,272Updated this week
- 🎯 Command Injection Payload List☆3,309Updated 10 months ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,309Updated 7 months ago
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆65,680Updated last week
- A Workflow Engine for Offensive Security☆5,601Updated 2 weeks ago
- Six Degrees of Domain Admin☆10,200Updated 3 weeks ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆17,607Updated this week
- Web path scanner☆12,931Updated last week
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,232Updated last year
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,363Updated 4 years ago
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,781Updated 2 years ago
- Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.☆3,732Updated 2 weeks ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,534Updated last month
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆4,680Updated 4 years ago