hisxo / SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
☆8Updated 5 years ago
Alternatives and similar repositories for SecLists:
Users that are interested in SecLists are comparing it to the libraries listed below
- SpiderFoot automates OSINT collection so that you can focus on analysis.☆11Updated last year
- Spaghetti - Web Application Security Scanner☆19Updated 7 years ago
- Passive subdomain enumeration tool with http-probe.☆33Updated 3 years ago
- OWASP Juice Shop: Probably the most modern and sophisticated insecure web application☆21Updated 5 years ago
- Squatm3gator is a complete web solution based on the python tool squatm3, designed to enumerate available domains generated modifying the…☆31Updated 3 years ago
- Slap the hell outta GitHub by harvesting emails by crunching through commits. The Dope OSINT tool.☆13Updated 6 years ago
- Tool for information gathering, IPReverse, AdminFInder, DNS, WHOIS, SQLi Scanner with google.☆33Updated 3 years ago
- A JavaScript components vulnerability scanner, based on RetireJS☆36Updated 4 years ago
- Intelligence gathering framework☆14Updated 9 years ago
- Brute List is an updated word list for brute-forcing the assets. This is not like a normal outdated word list. I have collected several l…☆33Updated 3 years ago
- Host Header Injection Scanner☆44Updated 4 years ago
- python tools to assist in penetration testing☆14Updated last month
- Get URLs from the Wayback Machine. Able to handle large outputs.☆22Updated last year
- Reconnaissance tool of Penetration test & Bug Bounty☆25Updated 6 years ago
- Automated Google dorking with custom search engines☆27Updated 4 years ago
- Python driver for Wappalyzer, a web application detection utility.☆10Updated 5 years ago
- A simple reconnaissance framework for bug bounty hunting☆35Updated 4 years ago
- A curated collection of some cool Penetration scripts.☆13Updated 4 years ago
- Top password lists generated from leaks collected from different paste sites☆30Updated 2 years ago
- Extract endpoints from specific Git repository for fuzzing☆22Updated 4 years ago
- Guidelines for writing secure code for Python developers.☆20Updated 7 years ago
- Do some quick reconnaissance on a domain-based web-application☆13Updated 3 years ago
- Fuzz for hidden proxies, vhosts, and URLs☆15Updated 3 years ago
- Create wordlists from source codes files/directories for enumeration☆30Updated last year
- Scripts related to offensiveosint.io☆21Updated 4 years ago
- Exotic and uncommon XSS Vectors to hit the target as quickly as possible.☆18Updated 4 years ago
- ☆33Updated 2 months ago
- Find unreferenced AWS S3 buckets which have CloudFront CNAME records pointing to them☆37Updated 6 years ago
- A list of universities with vulnerability disclosure policies☆12Updated 4 years ago
- A continuously curated list of my favorite links and resources relating to Open Source Intelligence gathering.☆19Updated 6 years ago