Commit Graph

960 Commits

Author SHA1 Message Date
Dominique RIGHETTO
1c2fb11278 Add file with special vars used by template engines
The objective is to identify the engine once an expression evaluation pattern has been identified.
2020-09-14 14:28:12 +02:00
Dominique RIGHETTO
234dfabf72 Add an expression using expression inlining for Thymeleaf
See https://www.thymeleaf.org/doc/tutorials/3.0/usingthymeleaf.html#expression-inlining
Added it because I have discovered that, when StringTemplateResolver is used, an expression like ${42*42} is not resolved
2020-09-13 11:04:15 +02:00
Dominique RIGHETTO
ba87953a08 Add expression for Velocity engine 2020-09-13 09:33:41 +02:00
g0tmi1k
e3d31edd19 Merge pull request #466 from bugbounty69/master
Added all HTML Attributes list

Source: https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes
2020-07-22 16:25:47 +01:00
g0tmi1k
dea731202f Merge pull request #471 from maxkleinke/master
renamed files in Passwords/Default-Credentials for better parsing
2020-07-22 16:25:27 +01:00
g0tmi1k
a93ecd7f91 Merge pull request #472 from righettod/master
Add characters that can break a MongoDB query when JS expression is used

Source: https://github.com/Charlie-belmer/vulnerable-node-app/blob/master/app/routes/user.route.js#L8
2020-07-22 16:25:07 +01:00
g0tmi1k
31ee70aeef Merge pull request #473 from mrajput7/master
Update golang.txt

Source: https://www.dropbox.com/s/ir2b56j3zt7vz0a/golang_handlefunc_combined?dl=0
2020-07-22 16:24:33 +01:00
g0tmi1k
a3b77e1170 Merge pull request #475 from joegoerlich/patch-1
Update sap.txt
2020-07-22 16:24:13 +01:00
g0tmi1k
3a9cac0384 Merge pull request #474 from chudyPB/master
Update sap.txt
2020-07-22 16:24:02 +01:00
g0tmi1k
5fc3e6a208 Merge pull request #476 from toxydose/patch-1
Add some common ports
2020-07-22 16:23:04 +01:00
g0tmi1k
a6e3f77e4d Merge pull request #477 from g0tmi1k/misc
Few fixes
2020-07-22 16:22:48 +01:00
g0t mi1k
df66ea4c82 Fix issues with wordlists 2020-07-22 16:19:47 +01:00
g0t mi1k
3567cf6fc0 Writable locations Windows
Source: https://github.com/api0cradle/UltimateAppLockerByPassList/blob/master/Generic-AppLockerbypasses.md

accesschk -w -s -q -u Users "C:\Program Files" >> programfiles.txt
accesschk -w -s -q -u Everyone "C:\Program Files" >> programfiles.txt
accesschk -w -s -q -u "Authenticated Users" "C:\Program Files" >> programfiles.txt
accesschk -w -s -q -u Interactive "C:\Program Files" >> programfiles.txt

accesschk -w -s -q -u Users "C:\Program Files (x86)" >> programfilesx86.txt
accesschk -w -s -q -u Everyone "C:\Program Files (x86)" >> programfilesx86.txt
accesschk -w -s -q -u "Authenticated Users" "C:\Program Files (x86)" >> programfilesx86.txt
accesschk -w -s -q -u Interactive "C:\Program Files (x86)" >> programfilesx86.txt

accesschk -w -s -q -u Users "C:\Windows" >> windows.txt
accesschk -w -s -q -u Everyone "C:\Windows" >> windows.txt
accesschk -w -s -q -u "Authenticated Users" "C:\Windows" >> windows.txt
accesschk -w -s -q -u Interactive "C:\Windows" >> windows.txt
2020-07-22 16:05:54 +01:00
Alexander Bridges
a628a652be Add some common ports
https://www.sonicwall.com/support/knowledge-base/running-sslvpn-on-a-different-tcp-port/170503249443105/
https://www.router-switch.com/faq/difference-between-https-port-443-and-8443.html
https://www.speedguide.net/port.php?port=8008
2020-07-22 03:23:00 +03:00
joegoerlich
d16951bd86 Update sap.txt
Added URLs related to [CVE-2020-6287].
2020-07-21 10:11:10 +02:00
chudyPB
da33a2b4a4 Update sap.txt 2020-07-21 09:34:10 +02:00
Mohit Narayan Rajput
99d3e2ab22 Update golang.txt 2020-07-19 01:34:21 -04:00
Dominique RIGHETTO
00f10f8513 Add character that can break a MongoDB query when JS expression is used 2020-07-18 18:00:24 +02:00
Maximilian Kleinke
e3ae394144 renamed files in Passwords/Default-Credentials for better parsing 2020-07-18 13:59:44 +02:00
g0tmi1k
b883fc123a Merge pull request #467 from GovindPalakkal/patch-2
Update swagger.txt
2020-07-17 22:05:28 +01:00
g0tmi1k
62786ce702 Update CONTRIBUTORS.md 2020-07-17 22:01:21 +01:00
g0tmi1k
ad309eabee Merge pull request #468 from govolution/patch-6
Update telnet-betterdefaultpasslist.txt

Source: https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/
2020-07-17 21:56:37 +01:00
govolution
ff84e4dafa Update telnet-betterdefaultpasslist.txt
source for new passwords: https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/
2020-07-11 17:51:50 +02:00
D3lT4
c5ce1780eb Update swagger.txt 2020-07-08 23:37:59 +05:30
bugbounty69
0f3c1db17c Added all HTML Attributes list 2020-07-08 00:25:11 +00:00
g0tmi1k
dd5960e18e Merge pull request #459 from clem9669/patch-3
Minor change
2020-06-18 15:34:59 +01:00
g0tmi1k
456a3b0fe8 Merge pull request #460 from clem9669/patch-4
PR about the issue: #438
2020-06-18 15:20:05 +01:00
clem9669
7da5c78bf7 PR about the issue: #438
Typo
https://github.com/danielmiessler/SecLists/issues/438
2020-06-18 14:18:55 +00:00
clem9669
c4002baa24 Minor change
Added 1 line for good practice
2020-06-18 14:15:16 +00:00
g0tmi1k
227e072758 Merge pull request #458 from PinkDraconian/patch-2
Added scientific notation entries
2020-06-16 13:18:56 +01:00
PinkDraconian
cf1ca8ec62 Added scientific notation entries 2020-06-16 12:36:29 +02:00
g0tmi1k
4626422418 Merge pull request #457 from PinkDraconian/patch-1
Added true and false to the fuzzing list
2020-06-16 11:24:19 +01:00
PinkDraconian
8679c2d6fe Added true and false to the fuzzing list
Changing a JSON field to true or false could have interesting results on an endpoint when fuzzing.
2020-06-16 12:21:04 +02:00
g0tmi1k
958dd563e0 Merge pull request #455 from Techbrunch/patch-1
Update swagger.txt
2020-06-12 11:21:37 +01:00
Techbrunch
baf37cc800 Update swagger.txt
Update swagger.txt
2020-06-12 11:23:06 +02:00
g0tmi1k
d76b8f6691 Merge pull request #452 from noraj/patch-1
Create LFI-gracefulsecurity-windows.txt

Source: https://gracefulsecurity.com/path-traversal-cheat-sheet-windows/
2020-06-12 09:57:44 +01:00
g0tmi1k
b2865e0492 Merge pull request #453 from noraj/patch-2
Create LFI-gracefulsecurity-linux.txt

Source: https://gracefulsecurity.com/path-traversal-cheat-sheet-linux/
2020-06-12 09:57:09 +01:00
g0tmi1k
5ecb8e85b2 Merge pull request #454 from sheimo/patch-1
Create sqli.auth.bypass.txt

Source: https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/
Source: http://www.lifeoverpentest.com/2018/03/sql-injection-login-bypass-cheat-sheet.html
2020-06-12 09:56:17 +01:00
sheimo
6757058b8c Create sqli.auth.bypass.txt
This is a thorough SQL injection authentication bypass list. Each source below was combined to a text file and sorted.

Source: https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/
Source: http://www.lifeoverpentest.com/2018/03/sql-injection-login-bypass-cheat-sheet.html
2020-06-11 23:24:34 -05:00
Alexandre ZANNI
7dd955a544 Create LFI-gracefulsecurity-linux.txt 2020-06-11 16:49:45 +02:00
Alexandre ZANNI
6945f3e779 Create LFI-gracefulsecurity-windows.txt 2020-06-11 16:48:39 +02:00
g0tmi1k
1a9c3d47ed Merge pull request #446 from its0x08/patch-1
TYPO fixed: some lines start with space.
2020-06-09 17:09:55 +01:00
g0tmi1k
6dff88b8b0 Merge pull request #447 from its0x08/patch-2
TYPO fixed: some lines start with space.
2020-06-09 17:09:20 +01:00
g0tmi1k
534e8cd726 Merge pull request #451 from lc/patch-1
Update CONTRIBUTORS.md
2020-06-09 17:08:57 +01:00
Corben Leo
32f83cb081 Update CONTRIBUTORS.md 2020-06-09 11:07:28 -05:00
0x08
49d625bbcc TYPO fixed: some lines start with space. 2020-06-06 01:20:25 +03:00
0x08
7db405b01c TYPO fixed: some lines start with space. 2020-06-06 01:13:59 +03:00
g0tmi1k
0a39d3dcb4 Merge pull request #417 from muhammedck113/patch-1
Update 10-million-password-list-top-100.txt
2020-06-05 16:30:30 +01:00
g0tmi1k
6beba93eac Merge pull request #427 from Failsafe-0verflowme/patch-1
Update common.txt
2020-06-05 16:30:13 +01:00
g0tmi1k
9aa4f93db1 Merge pull request #433 from MomIsBestFriend/Fix-425
Fixed typo in Discovery/Variables/secret-keywords.txt
2020-06-05 16:29:54 +01:00