danielmiessler / SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆62,607Updated this week
Alternatives and similar repositories for SecLists:
Users that are interested in SecLists are comparing it to the libraries listed below
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,514Updated last year
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆65,230Updated last month
- Fast web fuzzer written in Go☆13,902Updated 2 weeks ago
- Web application fuzzer☆6,162Updated 8 months ago
- Directory/File, DNS and VHost busting tool written in Go☆11,513Updated last week
- Fast subdomains enumeration tool for penetration testers☆10,332Updated 9 months ago
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,339Updated last year
- A swiss army knife for pentesting networks☆8,705Updated last year
- A list of public penetration test reports published by several consulting firms and academic security groups.☆8,826Updated 11 months ago
- TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.☆24,426Updated 4 months ago
- In-depth attack surface mapping and asset discovery☆12,935Updated this week
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆8,909Updated last year
- A collection of awesome penetration testing resources, tools and other shiny things☆23,033Updated last week
- A curated list of CTF frameworks, libraries, resources and softwares☆10,328Updated 9 months ago
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,175Updated last year
- Impacket is a collection of Python classes for working with network protocols.☆14,247Updated last week
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,493Updated last week
- A little tool to play with Windows security☆20,144Updated 10 months ago
- Attack Surface Management Platform☆8,708Updated 2 months ago
- Fast passive subdomain enumeration tool.☆11,618Updated this week
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,248Updated last week
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆17,430Updated last week
- Six Degrees of Domain Admin☆10,158Updated this week
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,290Updated 4 years ago
- 🔥 Web-application firewalls (WAFs) from security standpoint.☆6,629Updated 6 months ago
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆7,030Updated 9 months ago
- 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻☆6,348Updated 11 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆5,793Updated last month
- The Bug Hunters Methodology☆4,055Updated last year
- Nikto web server scanner☆9,231Updated this week