SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆101Apr 10, 2026Updated this week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Directory/file & DNS busting tool written in Go☆15Nov 26, 2019Updated 6 years ago
- Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supp…☆22Jul 13, 2020Updated 5 years ago
- Phishing Campaign Toolkit☆13Nov 9, 2021Updated 4 years ago
- Homemade scripts to-do various vulnerable challenges☆79Jan 7, 2021Updated 5 years ago
- Personal Collection of Operating Systems Scripts☆573May 16, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Veil-Evasion is a tool used to generate payloads that bypass antivirus solutions☆12Apr 24, 2017Updated 8 years ago
- Clone of Metasploit's wiki w/ additions☆17Nov 22, 2015Updated 10 years ago
- A collection of machine learning algorithms in python☆14May 11, 2021Updated 4 years ago
- Docker container for running CobaltStrike 4.7 and above☆25Mar 20, 2025Updated last year
- Android attempt at PoC CVE-2016-8655☆13Jul 1, 2017Updated 8 years ago
- Regular Expression Pattern Analyzer☆18Aug 9, 2023Updated 2 years ago
- MSFvenom Payload Creator (MSFPC)☆1,322May 9, 2021Updated 4 years ago
- AES-NI bruteforcer for bad Character Sets☆10Jan 17, 2021Updated 5 years ago
- Runs sshd as a unprivileged user for persistence☆11Jun 23, 2019Updated 6 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Class☆10Nov 10, 2020Updated 5 years ago
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆20Sep 22, 2021Updated 4 years ago
- Serving files with conditions, serverside keying and more.☆18May 26, 2022Updated 3 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.☆12Mar 14, 2018Updated 8 years ago
- Connect to Cisco AnyConnect VPN and open a Microsoft Remote Desktop (RDP) window☆11Apr 5, 2026Updated last week
- Carbon Black Response IR tool☆56Dec 10, 2020Updated 5 years ago
- Stdin to your browser by WebSocket☆94Dec 16, 2015Updated 10 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Vulnerable LLM Application☆14Jan 1, 2024Updated 2 years ago
- Florida Man 2017☆10Aug 3, 2017Updated 8 years ago
- Collection of useful command line commands☆14Dec 10, 2021Updated 4 years ago
- Fuzz for hidden proxies, vhosts, and URLs☆15Apr 1, 2026Updated last week
- Convert Empire profiles to Apache mod_rewrite scripts☆29Sep 17, 2019Updated 6 years ago
- Quick and dirty reconnaissance hacks for BB and pentesting☆11Feb 20, 2023Updated 3 years ago
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,189Dec 11, 2022Updated 3 years ago
- Simple code to execute payloads depending on the detected OS.☆33Jul 6, 2019Updated 6 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Some bash to make life easier after a new kali install..☆34Dec 11, 2022Updated 3 years ago
- Purple Team Workshop by @jorgeorchilles☆12Apr 26, 2025Updated 11 months ago
- List of Google Dorks for sites that have responsible disclosure program / bug bounty program☆22Sep 8, 2019Updated 6 years ago
- Speeding up identifying which binaries with a SUID flag may lead to root access☆15Aug 26, 2024Updated last year
- Personnel scripts,projects notes,hacks,random thoughts,mindmap etc....☆35Feb 14, 2025Updated last year
- python wrapper to use tshark for file extraction from the command line.☆26Nov 15, 2018Updated 7 years ago
- A tool for checking a hash:pass pot file for hashes from a user:hash file☆12Oct 23, 2016Updated 9 years ago