danielmiessler / SecListsLinks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆65,326Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below
Sorting:
- Directory/File, DNS and VHost busting tool written in Go☆12,417Updated this week
- Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.☆8,659Updated last year
- Fast web fuzzer written in Go☆14,644Updated 4 months ago
- PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)☆18,206Updated this week
- Fast subdomains enumeration tool for penetration testers☆10,551Updated last year
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF☆69,595Updated 2 weeks ago
- Impacket is a collection of Python classes for working with network protocols.☆14,767Updated this week
- GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems☆12,015Updated 10 months ago
- A swiss army knife for pentesting networks☆8,871Updated last year
- Web application fuzzer☆6,260Updated last year
- Scripted Local Linux Enumeration & Privilege Escalation Checks☆7,553Updated last year
- The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb☆7,812Updated 2 years ago
- This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.☆9,761Updated last month
- In-depth attack surface mapping and asset discovery☆13,489Updated 3 weeks ago
- Six Degrees of Domain Admin☆10,315Updated last month
- CTF framework and exploit development library☆12,840Updated this week
- PowerSploit - A PowerShell Post-Exploitation Framework☆12,554Updated 5 years ago
- A list of public penetration test reports published by several consulting firms and academic security groups.☆9,102Updated last month
- Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and n…☆10,275Updated this week
- AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.☆5,656Updated 3 months ago
- Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…☆5,990Updated last week
- Nishang - Offensive PowerShell for red team, penetration testing and offensive security.☆9,432Updated last year
- Most advanced XSS scanner.☆14,277Updated 4 months ago
- Web path scanner☆13,306Updated 2 months ago
- Open-Source Phishing Toolkit☆13,018Updated 11 months ago
- Fast passive subdomain enumeration tool.☆12,196Updated this week
- Gather and update all available and newest CVEs with their PoC.☆7,194Updated this week
- 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List☆7,453Updated last year
- Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)☆7,901Updated this week
- Automated All-in-One OS Command Injection Exploitation Tool.☆5,426Updated this week