SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆101Apr 30, 2026Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The Last Web Recon Tool You'll Need☆17Nov 7, 2020Updated 5 years ago
- Directory/file & DNS busting tool written in Go☆15Nov 26, 2019Updated 6 years ago
- Phishing Campaign Toolkit☆13Nov 9, 2021Updated 4 years ago
- Homemade scripts to-do various vulnerable challenges☆79Jan 7, 2021Updated 5 years ago
- Personal Collection of Operating Systems Scripts☆573May 16, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Inline file transfer using in-built Windows tools (DEBUG.exe or PowerShell).☆319Apr 27, 2020Updated 6 years ago
- Clone of Metasploit's wiki w/ additions☆17Nov 22, 2015Updated 10 years ago
- A collection of machine learning algorithms in python☆14May 11, 2021Updated 4 years ago
- Docker container for running CobaltStrike 4.7 and above☆25Mar 20, 2025Updated last year
- MSFvenom Payload Creator (MSFPC)☆1,324May 9, 2021Updated 4 years ago
- AES-NI bruteforcer for bad Character Sets☆10Jan 17, 2021Updated 5 years ago
- Runs sshd as a unprivileged user for persistence☆10Jun 23, 2019Updated 6 years ago
- Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.☆20Dec 8, 2022Updated 3 years ago
- Class☆10Nov 10, 2020Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Config files for my GitHub profile.☆11Updated this week
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆20Sep 22, 2021Updated 4 years ago
- 📨 Quick tool to finds and extract email addresses from a body of text☆12Apr 15, 2023Updated 3 years ago
- Serving files with conditions, serverside keying and more.☆18May 26, 2022Updated 3 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner☆12Apr 22, 2018Updated 8 years ago
- Arduino Mega 1280/2560 and PJRC Teensy++2.0 xmem compatible library with auto-size features and real preemptive multitasking. Also provid…☆18Feb 19, 2015Updated 11 years ago
- Sniper. Passive Secrets Hunting.🚬☆13Jun 3, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆13Nov 5, 2017Updated 8 years ago
- Florida Man 2017☆10Aug 3, 2017Updated 8 years ago
- Collection of useful command line commands☆14Dec 10, 2021Updated 4 years ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 7 years ago
- Clean accounts over permissions in GCP infra at scale☆71May 9, 2023Updated 2 years ago
- Fuzz for hidden proxies, vhosts, and URLs☆15Apr 1, 2026Updated last month
- Convert Empire profiles to Apache mod_rewrite scripts☆29Sep 17, 2019Updated 6 years ago
- Quick and dirty reconnaissance hacks for BB and pentesting☆11Feb 20, 2023Updated 3 years ago
- Script for Kali that adds a bunch of tools and customizes it to be much better☆186Jan 26, 2021Updated 5 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,190Dec 11, 2022Updated 3 years ago
- Python3 tool to perform password spraying using RDP☆17Aug 14, 2023Updated 2 years ago
- Some bash to make life easier after a new kali install..☆34Dec 11, 2022Updated 3 years ago
- List of Google Dorks for sites that have responsible disclosure program / bug bounty program☆22Sep 8, 2019Updated 6 years ago
- Python script for extracting and decrypting Group Policy Preferences passwords☆26May 28, 2021Updated 4 years ago
- Speeding up identifying which binaries with a SUID flag may lead to root access☆15Aug 26, 2024Updated last year