idan/SecLists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1,104 Commits 1 Branch 0 Tags
44c288e17a6d5365de202e70e1b9d5051bc78c06
Commit Graph

324 Commits

Author SHA1 Message Date
g0tmi1k
44c288e17a Merge pull request #601 from shelld3v/patch-8 
Better wordlist
 2021-05-25 17:32:54 +01:00
Hector Grecco
725eeb4a4d Add "cms" word to list 2021-05-05 10:51:29 -03:00
shelld3v
fc3902bc5d Better wordlist 2021-05-01 00:04:10 +07:00
g0tmi1k
7693c73c26 Merge pull request #582 from slicin/patch-1 
Update wp-plugins.fuzz.txt
 2021-03-23 06:44:43 +00:00
slicin
c3c8518831 Update wp-plugins.fuzz.txt 
Adding broken-link-manager to find:
CVE-2015-9453
CVE-2015-9467
CVE-2015-9468
 2021-03-19 17:12:59 -04:00
Ernestas Kulik
e1d08810b3 Discovery: Fix spelling and hyphenate some words 
“atleast” and “sensitive” are self-explanatory here. Hyphenation makes
things even more readable, even if a tad pedantic.

https://xkcd.com/37/
 2021-03-13 23:23:27 +01:00
g0tmi1k
eeea855ac5 Merge pull request #577 from righettod/master 
Add "contribute.json" file entry

https://infosec.mozilla.org/guidelines/web_security#contributejson
https://www.contributejson.org/
https://github.com/mozilla/contribute.json
 2021-03-01 12:43:28 +00:00
Dominique RIGHETTO
6715ca5d96 Add "contribute.json" file entry 2021-03-01 12:36:34 +01:00
g0tmi1k
3f5531cde3 Merge pull request #573 from righettod/master 
Add specific "render" endpoints
 2021-03-01 05:18:13 +00:00
Dominique RIGHETTO
6400f4d31e Change the url to google 2021-02-26 14:12:33 +01:00
Dominique RIGHETTO
2afcf1217c Add specific render endpoints 2021-02-21 18:55:29 +01:00
Cristiano Maruti
84149f5b30 Create versioning_metafiles.txt 2021-02-20 20:41:53 +01:00
g0tmi1k
c341f97b90 Merge pull request #563 from jaiswalakshansh/patch-1 
Update spring-boot.txt

Source: https://www.baeldung.com/spring-boot-actuators
 2021-02-12 10:17:51 +00:00
g0tmi1k
4df226a358 Merge pull request #539 from shelld3v/patch-6 
Create a wordlist for dirsearch users
 2021-02-12 10:17:25 +00:00
g0tmi1k
36116d773a Merge pull request #557 from shelld3v/patch-7 
More API endpoints (from assetnote) and sort everything

Source: wordlist.assetnote.io
 2021-02-12 10:16:52 +00:00
g0tmi1k
0d39b80eee Merge pull request #570 from Faelian/master 
Added webpack.manifest.json
 2021-02-11 22:09:44 +00:00
Olivier Lasne
ca898cc4c7 Added webpack.manifest.json 2021-02-11 23:05:42 +01:00
g0t mi1k
d30d7b46e6 Fix up 2021-02-11 21:56:20 +00:00
g0tmi1k
7a0c657912 Merge pull request #555 from shoeper/unique-dns-keeporder 
DNS lists lower case only
 2021-02-11 21:35:58 +00:00
g0tmi1k
5d0d24f91b Merge pull request #562 from righettod/feature_blazor 
Add Microsoft Blazor WebAssembly identifiers

Source: https://github.com/SteveSandersonMS/CarChecker
 2021-02-11 21:26:13 +00:00
g0tmi1k
94e19b86fa Merge pull request #559 from TAbdiukov/master 
Object Exchange (OBEX) common and uncommon path lists

Source: https://en.wikipedia.org/wiki/OBject_EXchange
 2021-02-11 21:24:29 +00:00
g0tmi1k
ad24e5dcd1 Merge pull request #549 from righettod/Feature_548 
Add ".well-known/jwks.json" path to common.txt file.

Source:

- https://auth0.com/docs/tokens/json-web-tokens/json-web-key-sets
- https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-verifying-a-jwt.html#amazon-cognito-user-pools-using-tokens-step-2
- https://blogs.akamai.com/2019/10/verify-jwt-with-json-web-key-set-jwks-in-api-gateway.html
 2021-02-11 20:50:33 +00:00
g0tmi1k
cd52c8428a Merge pull request #547 from fiLLLip/patch-1 
Add humans.txt

Source: http://humanstxt.org/
 2021-02-11 20:49:46 +00:00
g0tmi1k
751900cbde Merge pull request #544 from mxrch/master 
Adding .git to big.txt
 2021-02-11 20:49:15 +00:00
g0tmi1k
5ec9d37a15 Merge pull request #540 from kazkansouh/mime-types-iana 
refreshed mime/content-types

Source: https://www.iana.org/assignments/media-types/media-types.xml

```
curl https://www.iana.org/assignments/media-types/media-types.xml -s | xpath -q -e '//file/text()' | tr '[[:upper:]]' '[[:lower:]]'
```
 2021-02-11 20:47:27 +00:00
g0tmi1k
9fbf6cb419 Merge pull request #524 from t0-git/patch-1 
Adding new .git entries and .svnignore.
 2021-02-11 20:28:23 +00:00
Akshansh Jaiswal
1d11e71a65 Update spring-boot.txt 2021-01-25 10:30:28 +05:30
Dominique RIGHETTO
405cf59743 Add Microsoft Blazor client identifier 2021-01-24 08:58:00 +01:00
TAbdiukov
05fe10e860 Upload rare (uncommon) OBEX paths 
Sources: multiple (all listed in the file)
 2021-01-20 16:06:00 +11:00
TAbdiukov
5c246e58cd a few extras from SE spec files for devs 
Sources,
https://manualzz.com/doc/24948742
https://manualzz.com/doc/922881/dcs-phfs-dw-user-guide
 2021-01-20 15:06:25 +11:00
TAbdiukov
6e71f29fc3 a topn more paths from official specs 
Src: http://www.pday.com.cn/technology/irda_documents/irmc_v1p1.pdf
 2021-01-20 14:59:16 +11:00
TAbdiukov
ba087b3874 add comments; sort alphabetically; rm duplicates 2021-01-20 14:39:49 +11:00
TAbdiukov
cbf5d4eadb First upload 
Source:  http://dev.zuckschwerdt.org/openobex/wiki/ObexFtpServices
 2021-01-20 14:20:28 +11:00
shelld3v
216ae4a8df More endpoints 2021-01-11 18:54:44 +07:00
shelld3v
963add5f23 More API endpoints (from assetnote) and sort everything 2021-01-11 18:42:46 +07:00
Sven Höper
dc04568e57 DNS lists lower case only 
Converted DNS lists to lower case only and removed duplicates
without chaing order

fix #553
 2021-01-06 16:18:04 +01:00
Dominique RIGHETTO
38581fac54 Add ".well-known/jwks.json" path 
Add path to the JSON Web Key Sets file.
This file is documented [here](https://auth0.com/docs/tokens/json-web-tokens/json-web-key-sets)
 2020-12-27 16:35:37 +01:00
Filip Andre Larsen Tomren
8327e45d92 Add humans.txt to common list 
'humans.txt' is common as specified http://humanstxt.org. At least as
common as 'humans', without having to specify extension in tools like 'dirb'.
 2020-12-08 14:53:06 +01:00
mxrch
fb4aaabc63 Update big.txt 2020-11-21 00:16:16 +01:00
Karim Kanso
a6f2ed757f refreshed content-types from www.iana.org/assignments/media-types/media-types.xml 2020-11-17 11:48:56 +00:00
shelld3v
004d110704 Create dirsearch.txt 2020-11-15 13:52:44 +07:00
g0tmi1k
9f4d672e98 Merge pull request #517 from righettod/master 
Add path to a common ManageEngine endpoint

Source: https://righettod.eu/#4-vulns
 2020-11-11 12:00:53 +00:00
g0tmi1k
ac861e371d Merge pull request #509 from ArgentEnergy/spring-boot-redis 
Spring Boot Redis paths.
 2020-11-06 11:51:25 +00:00
g0tmi1k
12513fd8ad Merge pull request #518 from clem9669/patch-5 
Adding nextcloud & owncloud to common.txt

Source: https://help.dreamhost.com/hc/en-us/articles/235545207-Step-by-step-guide-to-deploy-Nextcloud-on-DreamCompute
 2020-11-03 22:00:16 +00:00
g0tmi1k
6d164b9672 Merge pull request #527 from soufianetahiri/master 
Added actuator default paths and created new XSS fuzzing list

Source: https://docs.spring.io/spring-boot/docs/1.5.x/reference/html/production-ready-endpoints.html
 2020-11-03 11:39:11 +00:00
g0tmi1k
449d7a84cd Merge pull request #528 from drwetter/patch-4 
Add CMS login

https://processwire.com/docs/security/admin/
 2020-11-02 21:12:18 +00:00
g0tmi1k
cea2a72bae Merge pull request #506 from LabanSkollerDefensify/patch-1 
Add NDES and SCEP URLs

/certsrv/mscep/mscep.dll: https://docs.microsoft.com/en-us/mem/intune/protect/certificates-scep-configure
/certsrv/mscep_admin: https://social.technet.microsoft.com/wiki/contents/articles/9063.active-directory-certificate-services-ad-cs-network-device-enrollment-service-ndes.aspx
 2020-11-02 21:11:53 +00:00
g0tmi1k
fe2aa9e7b0 Merge pull request #521 from realArcherL/master 
Slight correction with version numbers from earlier PR also added new endpoints
 2020-11-02 20:57:49 +00:00
Dirk Wetter
f7577f68cb Add CMS login 
Processwire is a CMS which I recently encountered during a pentest. /processwire is the login (compare /typo3 or /wp-login.php)
 2020-10-23 13:14:04 +02:00
Soufiane Tahiri
a8e73cb425 Added actuator default paths 
Added actuator paths
 2020-10-23 10:51:19 +02:00