Commit Graph

681 Commits

Author SHA1 Message Date
toxydose
277b243d61 add slashes. Some servers are redirecting from folders without slashes to folders with slashes at the end of the URI, and 302 is returned instead of 200 2018-12-02 02:39:55 +02:00
toxydose
aac5204f75 add clientaccesspolicy.xml and crossdomain.xml files, which usually contain unsafe wildcarded configurations. 2018-12-02 02:23:41 +02:00
Alexander Bridges
86b091eab3 Merge pull request #2 from danielmiessler/master
upd
2018-12-02 01:57:09 +02:00
g0tmi1k
b8da13eb6e Update README.md 2018-11-26 10:20:38 +00:00
g0tmi1k
691bc9bd72 Merge pull request #242 from g0tmi1k/misc
Add install information
2018-11-26 10:19:59 +00:00
g0tmi1k
b51d03d478 Add install information 2018-11-26 10:19:38 +00:00
g0tmi1k
47b1829910 Merge pull request #241 from g0tmi1k/ua
Added various User Agent strings
2018-11-26 10:09:44 +00:00
g0tmi1k
b99b0ed28f Added various User Agent strings
Source: https://developers.whatismybrowser.com/useragents/explore/
2018-11-26 09:56:22 +00:00
g0tmi1k
75ebcd1e1f Merge pull request #240 from vinnytroia/1m_domains
Added top 1m Alexa domains 

Source: https://www.alexa.com/topsites
2018-11-23 10:01:54 +00:00
Vinny Troia
fa07cbd407 Added top 1m Alexa domains - sorted and replaced . with - 2018-11-23 04:58:33 -05:00
g0tmi1k
ea79b4facb Merge pull request #239 from tomcodes/master
Add sonar-project.properties and default HashiCorp Vault url to quickhits.txt

Source: https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner
2018-11-21 15:16:08 +00:00
tomcodes
613af9601e Add HashiCorp Vault GUI default URL to quickhits.txt 2018-11-21 16:11:47 +01:00
tomcodes
ff8406d36b Add sonar-project.properties file to quickhits.txt 2018-11-21 15:54:22 +01:00
g0tmi1k
933f1d5fba Merge pull request #238 from tomcodes/master
Add AWS CodeDeploy appspec.yml file to quickhits.txt

Source: https://docs.aws.amazon.com/codedeploy/latest/userguide/reference-appspec-file.html
2018-11-21 14:42:13 +00:00
tomcodes
214a277412 Add AWS CodeDeploy appspec.yml file to quickhits.txt 2018-11-21 15:21:42 +01:00
Somdev Sangwan
bb180d4e27 changed %3B to %26 (I'm sleep deprived sorry) 2018-11-21 14:53:27 +05:30
Somdev Sangwan
31167686f0 +5 payloads, some enhancements 2018-11-21 14:45:08 +05:30
g0tmi1k
e5b7acdea2 Merge pull request #234 from Martin407/patch-1
Removed duplicate entry
2018-11-13 17:01:10 +00:00
Martin407
86306f8d03 Removed duplicate entry 2018-11-13 11:57:59 -05:00
g0tmi1k
f28cd4a37c Merge pull request #232 from michenriksen/master
Add best performing payloads from the XSS Polyglot Challenge

Source: https://polyglot.innerht.ml/
2018-11-01 08:09:01 +00:00
Michael Henriksen
2dab37db43 Add best performing payloads from the XSS Polyglot Challenge 2018-11-01 07:37:16 +01:00
g0tmi1k
f8343e454d Merge pull request #231 from toxydose/master
WP REST API v2 endpoints

Source: http://v2.wp-api.org/
2018-10-31 21:31:17 +00:00
Alexander Bridges
a53dae2a76 Add /wp-json/wp/v2/users
Add /wp-json/wp/v2/users WP REST API endpoint which exposes sensitive information - list of all WP users, which could be used for brute-force attacks.
2018-10-31 23:27:00 +02:00
Alexander Bridges
dbfa5e2b1e Add some WP rest API endpoints
reference: http://v2.wp-api.org/
2018-10-31 23:19:31 +02:00
g0tmi1k
e36d634b08 Merge pull request #230 from toxydose/master
Add cpanel login page

Source: https://www.webhostinghub.com/help/learn/cpanel/getting-started/how-to-login-to-cpanel
2018-10-30 18:02:16 +00:00
Alexander Bridges
85cc7eeadf Added cpanel login page
reference: https://www.webhostinghub.com/help/learn/cpanel/getting-started/how-to-login-to-cpanel
2018-10-30 01:00:31 +02:00
Alexander Bridges
b4940b0a08 Merge pull request #1 from danielmiessler/master
update
2018-10-26 11:51:35 +03:00
g0tmi1k
3327ec8b40 Merge pull request #229 from drwetter/patch-1
Correct 1 typo in typo3 login ;-)
2018-10-23 12:53:05 +01:00
g0tmi1k
f5fcb3ca9b Merge pull request #228 from toxydose/master
Add Wordpress, Django, Flask and Shopware login pages
2018-10-23 12:51:09 +01:00
Dirk Wetter
e8b1df5f84 Correct 1 typo in typo3 login
/typo3/in is IMHO not the login.
2018-10-23 13:50:09 +02:00
Alexander Bridges
2ced567e86 Add Wordpress and Shopware login pages
Added common Wordpress and Shopware CMS's login forms.

References:
https://premium.wpmudev.org/blog/find-wordpress-login/
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/wordpress.fuzz.txt
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/shopware.txt
2018-10-23 13:46:26 +03:00
g0tmi1k
6a18428339 Merge pull request #227 from toxydose/master
Add Shopware common sensitive files wordlist.
2018-10-17 15:22:55 +01:00
Alexander Bridges
5a88be0c4f Add Shopware common sensitive files wordlist.
Shopware is open source e-commerce software 
https://github.com/shopware/shopware 
Shopware wordlist was not present in this directory. The file should be improved and expanded
2018-10-17 17:19:53 +03:00
g0tmi1k
42d23ebe37 Merge pull request #225 from g0tmi1k/fixes
Fixes
2018-10-15 13:09:51 +01:00
g0tmi1k
4c09aaf6c0 Add IP address header fields
Source: https://stackoverflow.com/questions/1384410/php-getenvremote-addr-serious-side-effects
2018-10-15 13:08:28 +01:00
g0tmi1k
d68ba5f9ed Rename "_" -> "-" & found a few new homes 2018-10-15 13:08:10 +01:00
g0tmi1k
d0d7aa5a60 Sort out README 2018-10-15 13:07:39 +01:00
g0tmi1k
7efce4c385 Merge pull request #224 from s0md3v/patch-1
Hand crafted XSS payloads to bypass WAFs

Source: https://github.com/s0md3v/AwesomeXSS
2018-10-15 11:43:19 +01:00
Somdev Sangwan
cebebee4b5 Create XSS-Somdev.txt 2018-10-15 02:13:17 +05:30
g0tmi1k
11bea7627e Merge pull request #223 from govolution/patch-3
Update telnet-betterdefaultpasslist.txt

Source: https://github.com/govolution/betterdefaultpasslist/blob/master/sources.txt
2018-10-10 11:23:52 +01:00
g0tmi1k
31775a887e Merge pull request #222 from govolution/patch-2
Update ssh-betterdefaultpasslist.txt

Source: https://github.com/govolution/betterdefaultpasslist/blob/master/sources.txt
2018-10-10 11:23:16 +01:00
g0tmi1k
19e46c19bc Merge pull request #221 from govolution/patch-1
Add 1 default credential

Source: https://app.vagrantup.com/brunofpereira/boxes/ubuntu-base
2018-10-10 11:22:38 +01:00
govolution
ecb24ff385 Update telnet-betterdefaultpasslist.txt
For sources please refer: https://github.com/govolution/betterdefaultpasslist/blob/master/sources.txt
2018-10-10 05:57:27 +02:00
govolution
84bd8f017a Update ssh-betterdefaultpasslist.txt
Sources: https://github.com/govolution/betterdefaultpasslist/blob/master/sources.txt
2018-10-10 05:55:43 +02:00
govolution
7928dde3c2 Update mysql-betterdefaultpasslist.txt 2018-10-10 05:52:05 +02:00
govolution
c6017c2357 Update mysql-betterdefaultpasslist.txt 2018-10-10 05:48:03 +02:00
g0tmi1k
9588809bce Merge pull request #220 from JensTimmerman/patch-1
add default passwords for zenitel devices

Source: https://wiki.zenitel.com/wiki/Password_(IP_Stations)
2018-10-08 14:41:00 +01:00
Jens Timmerman
c57af9dcf6 add default passwords for zenitel devices
as documented at https://wiki.zenitel.com/wiki/Password_(IP_Stations)
2018-10-08 15:39:30 +02:00
g0tmi1k
4779684635 Merge pull request #219 from kongwenbin/master
Add new word list for Content Type
2018-10-07 18:27:20 +01:00
Wen Bin
fe2a64f4a1 Add new word list
I have been using this word list for a long time. Just realised that SecLists doesn't have a similar list such as this, so I have decided to upload it to share with the community.
2018-10-08 00:51:57 +08:00