jhaddix / SecLists
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.
☆134Updated 6 years ago
Related projects: ⓘ
- ☆409Updated last year
- ☆162Updated last month
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆107Updated 7 years ago
- ☆350Updated 2 years ago
- ☆74Updated 5 years ago
- Generates lists of live hosts and URLs for targeting, automating the usage of MassDNS, Masscan and nmap to filter out unreachable hosts a…☆362Updated 2 years ago
- ☆522Updated 7 months ago
- Burp Extension for easily creating Wordlists☆208Updated 2 years ago
- Poor (rich?) man's bug bounty pipeline https://dubell.io☆267Updated last year
- A script that can resolve an input file of domains and scan them with masscan☆155Updated 4 years ago
- information gathering☆266Updated 5 months ago
- ☆202Updated 3 years ago
- My personal bug bounty toolkit.☆162Updated 3 months ago
- Yet another subdomain finder☆195Updated 4 years ago
- SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types i…☆47Updated 8 years ago
- ☆365Updated 3 years ago
- An automated approach to performing recon for bug bounty hunting and penetration testing.☆441Updated 4 years ago
- Recon Methodology☆83Updated 2 years ago
- RepoToStoreBugBountyInfo☆263Updated 4 years ago
- Community curated list of template files for the nuclei engine to find security vulnerability and fingerprinting the targets.☆27Updated 4 years ago
- ☆449Updated 3 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆36Updated 6 years ago
- The project contains multiple shell scripts for automating the tasks during recon.☆171Updated last year
- Leverages publicly available datasets from Google BigQuery to generate content discovery and subdomain wordlists☆686Updated last year
- Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.☆516Updated 6 years ago
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices☆608Updated 5 months ago
- A DNS Bruteforcing Wordlist Generator☆346Updated last year
- this html file creates a csrf poc form to any http request.☆265Updated last year
- Web recon script. No need to fear, sumrecon is here!☆349Updated last year
- Random utilities from my security projects that might be useful to others☆175Updated 3 years ago