SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆101May 12, 2026Updated last week
Alternatives and similar repositories for SecLists
Users that are interested in SecLists are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Directory/file & DNS busting tool written in Go☆15Nov 26, 2019Updated 6 years ago
- Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supp…☆22Jul 13, 2020Updated 5 years ago
- Homemade scripts to-do various vulnerable challenges☆80Jan 7, 2021Updated 5 years ago
- Personal fork of Kippo SSH honeypot.☆13May 25, 2014Updated 11 years ago
- Veil-Evasion is a tool used to generate payloads that bypass antivirus solutions☆12Apr 24, 2017Updated 9 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Inline file transfer using in-built Windows tools (DEBUG.exe or PowerShell).☆319Apr 27, 2020Updated 6 years ago
- Clone of Metasploit's wiki w/ additions☆17Nov 22, 2015Updated 10 years ago
- A collection of machine learning algorithms in python☆14May 11, 2021Updated 5 years ago
- Android attempt at PoC CVE-2016-8655☆12Jul 1, 2017Updated 8 years ago
- Regular Expression Pattern Analyzer☆18Aug 9, 2023Updated 2 years ago
- MSFvenom Payload Creator (MSFPC)☆1,327May 9, 2021Updated 5 years ago
- Secure, rust-based installer back-end for Athena OS☆10May 5, 2026Updated 2 weeks ago
- Runs sshd as a unprivileged user for persistence☆10Jun 23, 2019Updated 6 years ago
- Deploy an "illegal" SOC to manage vulnerabilities on your city servers in minutes.☆20Dec 8, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Class☆10Nov 10, 2020Updated 5 years ago
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threat research tea…☆20Sep 22, 2021Updated 4 years ago
- 📨 Quick tool to finds and extract email addresses from a body of text☆12Apr 15, 2023Updated 3 years ago
- Serving files with conditions, serverside keying and more.☆18May 26, 2022Updated 3 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 3 years ago
- Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.☆12Mar 14, 2018Updated 8 years ago
- A PE Header-Based Antivirus Tool☆12Nov 14, 2014Updated 11 years ago
- Sniper. Passive Secrets Hunting.🚬☆13Jun 3, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Vulnerable LLM Application☆14Jan 1, 2024Updated 2 years ago
- ☆13Nov 5, 2017Updated 8 years ago
- A small pentesting lab for Azure☆10Apr 19, 2019Updated 7 years ago
- Pollard Rho attack on ECDLP with GMP☆10Sep 6, 2022Updated 3 years ago
- Quick and dirty reconnaissance hacks for BB and pentesting☆11Feb 20, 2023Updated 3 years ago
- Clean accounts over permissions in GCP infra at scale☆72May 9, 2023Updated 3 years ago
- Attempt zone transfers on domains☆18Jul 12, 2021Updated 4 years ago
- A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, al…☆2,191Dec 11, 2022Updated 3 years ago
- Simple code to execute payloads depending on the detected OS.☆34Jul 6, 2019Updated 6 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- Python3 tool to perform password spraying using RDP☆17Aug 14, 2023Updated 2 years ago
- 各种安全相关思维导图整理收集☆12Feb 13, 2017Updated 9 years ago
- Some bash to make life easier after a new kali install..☆34Dec 11, 2022Updated 3 years ago
- Purple Team Workshop by @jorgeorchilles☆12Apr 26, 2025Updated last year
- BLE based C2 for Hak5's Bash Bunny☆19Oct 31, 2023Updated 2 years ago
- List of Google Dorks for sites that have responsible disclosure program / bug bounty program☆22Sep 8, 2019Updated 6 years ago
- Treck Network Stack Discovery Tool [Ripple20]☆12Jul 1, 2020Updated 5 years ago