idan/SecLists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
814 Commits 1 Branch 0 Tags
563b995df06d17ed8d3c357df668f6a624cae7aa
Commit Graph

213 Commits

Author SHA1 Message Date
ArgentEnergy 7fa417a3d5 Added more AEM paths. 2019-03-15 21:43:31 -03:00
ArgentEnergy ae88fbed37 Added Swagger paths. 2019-03-15 21:18:17 -03:00
Tonimir Kisasondi eaccabd89a Update spring-boot.txt 2019-03-15 22:37:48 +01:00
Tonimir Kisasondi 61b92c599d Update spring-boot.txt 
Added some other paths according to:
https://www.veracode.com/blog/research/exploiting-spring-boot-actuators
 2019-03-15 22:26:08 +01:00
Liam Somerville 9ddb20063b Add "admin" 2019-02-22 12:02:05 -07:00
SolomonSklash 9d29d64635 Fixed typo in file name. 
sortedcombied-knock-dnsrecon-fierce-reconng.txt -> sortedcombined-knock-dnsrecon-fierce-reconng.txt
 2019-02-19 10:36:10 -06:00
Andrei Conache 807b08a7eb add /admin-console directory 2019-02-08 17:16:37 +01:00
g0tmi1k 72d9141eb4 Update secretkeywords.txt 
As requested ~ https://github.com/danielmiessler/SecLists/pull/267#issuecomment-458900997
 2019-01-30 11:12:02 +00:00
g0tmi1k a0c2048867 Merge pull request #267 from nsonaniya2010/master 
new secret keywords added

Source: https://github.com/nsonaniya2010/SubDomainizer/blob/55899c0ee0769a521f49edaf88da97a0f951e4b5/SubDomainizer.py#L174
 2019-01-30 10:52:00 +00:00
Neeraj Edwards e3cf286b8d Merge branch 'master' into master 2019-01-30 15:58:29 +05:30
Neeraj Sonaniya 0460f9de6f new secret keywords added 2019-01-30 15:50:09 +05:30
root f4470cdea6 guly: added shubs lists 2019-01-29 14:48:59 +01:00
g0tmi1k 8f3802fd51 Merge pull request #262 from g0tmi1k/websphere 
Fix #255 - Add more wps
 2019-01-07 15:55:58 +00:00
g0tmi1k 758842d94f Fix #255 - Add more wps 2019-01-07 15:55:10 +00:00
g0tmi1k 5e1dc9cc79 Fix #259 - Recover from bad merge 2019-01-07 15:40:56 +00:00
Daniel Miessler 778b16115f Added https://github.com/g0tmi1k to the project leaders list. 2018-12-31 11:53:56 -08:00
g0tmi1k f9c1ec678c Merge pull request #253 from toxydose/master 
Merge and delete vordlists, add login.html to Logins.fuzz.txt
 2018-12-11 11:33:42 +00:00
g0tmi1k 3e30797df9 Merge pull request #254 from g0tmi1k/snmp 
Made OneSixtyOne happy with SNMP
 2018-12-11 11:25:22 +00:00
g0tmi1k 4fb16b1ad3 Made OneSixtyOne happy with SNMP 
Source: https://github.com/trailofbits/onesixtyone/issues/1
 2018-12-11 11:22:26 +00:00
toxydose 5e043e22ba merged FatwireCMS.fuzz.txt fatwire.txt 2018-12-11 04:32:05 +02:00
toxydose 24c955345f contains the same, and less than FatwireCMS.fuzz.txt 2018-12-11 04:12:44 +02:00
toxydose 4bda908742 merged two domino endpoints files 2018-12-11 04:01:38 +02:00
toxydose 82671ffafc add login.html endpoint 2018-12-11 02:27:08 +02:00
toxydose dd08d4aacb merged two IIS wordlists, deleted file. 2018-12-08 17:22:44 +02:00
toxydose c638cb3055 File containing the same strings that are included to jboss.txt 2018-12-08 17:05:37 +02:00
toxydose 6aedd5e95d deleted duplicate file vignette.txt that duplicates Vignette.fuzz.txt but do not contains slashes 2018-12-08 17:01:56 +02:00
toxydose 1182e89d55 delete file containing duplicate entries from netware.txt 2018-12-08 16:58:00 +02:00
toxydose ea352ed2ce - sorted alphabetically 
- removed duplicates
- merged unique with "ColdFusion.fuzz2.txt"
- deleted "ColdFusion.fuzz2.txt"
 2018-12-07 16:22:34 +02:00
toxydose 412153b437 add Atlassian Confluence login endpoints 
Reference: https://confluence.atlassian.com/doc/customizing-the-login-page-163938553.html
 2018-12-06 00:56:47 +02:00
Neeraj Sonaniya f21a6dfc0a List Addition - A list of secret related keywords should be added 2018-12-03 15:07:32 +05:30
toxydose 277b243d61 add slashes. Some servers are redirecting from folders without slashes to folders with slashes in the end of URI, and 302 is returned instead of 200 2018-12-02 02:39:55 +02:00
toxydose aac5204f75 add clientaccesspolicy.xml and crossdomain.xml files which are usually contains unsafe wildcarded configurations. 2018-12-02 02:23:41 +02:00
tomcodes 613af9601e Add HashiCorp Vault GUI default URL to quickhits.txt 2018-11-21 16:11:47 +01:00
tomcodes ff8406d36b Add sonar-project.properties file to quickhits.txt 2018-11-21 15:54:22 +01:00
tomcodes 214a277412 Add AWS CodeDeploy appspec.yml file to quickhits.txt 2018-11-21 15:21:42 +01:00
Alexander Bridges a53dae2a76 Add /wp-json/wp/v2/users 
Add /wp-json/wp/v2/users WP REST API endpoint which exposes sensitive information - list of all WP users, which could be used for brute-force attacks.
 2018-10-31 23:27:00 +02:00
Alexander Bridges dbfa5e2b1e Add some WP rest API endpoints 
reference: http://v2.wp-api.org/
 2018-10-31 23:19:31 +02:00
Alexander Bridges 85cc7eeadf Added cpanel login page 
reference: https://www.webhostinghub.com/help/learn/cpanel/getting-started/how-to-login-to-cpanel
 2018-10-30 01:00:31 +02:00
g0tmi1k 3327ec8b40 Merge pull request #229 from drwetter/patch-1 
Correct 1 typo in typo3 login ;-)
 2018-10-23 12:53:05 +01:00
Dirk Wetter e8b1df5f84 Correct 1 typo in typo3 login 
/typo3/in is IMHO not the login.
 2018-10-23 13:50:09 +02:00
Alexander Bridges 2ced567e86 Add Wordpress and Shopware login pages 
Added common Wordpress and Shopware CMS's login forms.

References:
https://premium.wpmudev.org/blog/find-wordpress-login/
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/wordpress.fuzz.txt
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/shopware.txt
 2018-10-23 13:46:26 +03:00
Alexander Bridges 5a88be0c4f Add Shopware common sensitive files wordlist. 
Shopware is open source e-commerce software 
https://github.com/shopware/shopware 
Shopware wordlist was not presented in this directory. The file should be improved and expanded
 2018-10-17 17:19:53 +03:00
g0tmi1k d68ba5f9ed Rename "_" -> "-" & found a few new homes 2018-10-15 13:08:10 +01:00
CyberSemtex a9e9e80884 Deleted the params and functions wordlists. Merged the boring_headers and headers file together then created a version with uppercases 1st letters (including after dashes) and a full uppercase version. Every file have been sorted with -u option to delete duplicates. Hit me up if you find something wrong. 2018-10-04 23:46:58 +02:00
CyberSemtex a2f0c2cb00 Added the wordlists from param-miner extension of BurpSuite by @albinowax 2018-10-04 23:45:21 +02:00
objectified bc97ca41f5 added wordlist for Spring Boot (Actuator) 2018-08-23 20:22:01 +02:00
g0tmi1k 201e2abfb5 Close #195 - Confluence administration 
Source: https://confluence.atlassian.com/doc/using-apache-to-limit-access-to-the-confluence-administration-interface-216433019.html
 2018-07-05 07:21:57 +01:00
frite a3cce76170 Adding jhaddix DNS entries file. 2018-06-30 22:09:30 +01:00
g0tmi1k 3f79d071ce Quick move about 2018-03-21 17:47:29 +00:00
g0tmi1k c524f768bf Close #148 - More Lotus Domino 
Source: https://github.com/danielmiessler/SecLists/issues/148
Source: https://github.com/rapid7/metasploit-framework/blob/6300758c46464ff5488bc49bc326ebbb1df46321/modules/auxiliary/scanner/lotus/lotus_domino_version.rb
Source: https://github.com/coldfusion39/domi-owned/blob/583d0a5ade9305c40329916e0ecf1540a089c9be/domi_owned/fingerprint.py#L60-L72
 2018-03-21 17:07:45 +00:00