idan/SecLists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
928 Commits 1 Branch 0 Tags
8679c2d6fe015537d0d879c9f71a3ed11814f336
Commit Graph

928 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
PinkDraconian
8679c2d6fe Added true and false to the fuzzing list 
Changing json field to true or false could have interesting results on an endpoint when fuzzing.
 2020-06-16 12:21:04 +02:00
g0tmi1k
958dd563e0 Merge pull request #455 from Techbrunch/patch-1 
Update swagger.txt
 2020-06-12 11:21:37 +01:00
Techbrunch
baf37cc800 Update swagger.txt 
Update swagger.txt
 2020-06-12 11:23:06 +02:00
g0tmi1k
d76b8f6691 Merge pull request #452 from noraj/patch-1 
Create LFI-gracefulsecurity-windows.txt

Source: https://gracefulsecurity.com/path-traversal-cheat-sheet-windows/
 2020-06-12 09:57:44 +01:00
g0tmi1k
b2865e0492 Merge pull request #453 from noraj/patch-2 
Create LFI-gracefulsecurity-linux.txt

Source: https://gracefulsecurity.com/path-traversal-cheat-sheet-linux/
 2020-06-12 09:57:09 +01:00
g0tmi1k
5ecb8e85b2 Merge pull request #454 from sheimo/patch-1 
Create sqli.auth.bypass.txt

Source: https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/
Source: http://www.lifeoverpentest.com/2018/03/sql-injection-login-bypass-cheat-sheet.html
 2020-06-12 09:56:17 +01:00
sheimo
6757058b8c Create sqli.auth.bypass.txt 
This is a thorough SQL injection authentication bypass list. Each source below was combined to a text file and sorted.

Source: https://pentestlab.blog/2012/12/24/sql-injection-authentication-bypass-cheat-sheet/
Source: http://www.lifeoverpentest.com/2018/03/sql-injection-login-bypass-cheat-sheet.html
 2020-06-11 23:24:34 -05:00
Alexandre ZANNI
7dd955a544 Create LFI-gracefulsecurity-linux.txt 2020-06-11 16:49:45 +02:00
Alexandre ZANNI
6945f3e779 Create LFI-gracefulsecurity-windows.txt 2020-06-11 16:48:39 +02:00
g0tmi1k
1a9c3d47ed Merge pull request #446 from its0x08/patch-1 
TYPO fixed: some lines start with space.
 2020-06-09 17:09:55 +01:00
g0tmi1k
6dff88b8b0 Merge pull request #447 from its0x08/patch-2 
TYPO fixed: some lines start with space.
 2020-06-09 17:09:20 +01:00
g0tmi1k
534e8cd726 Merge pull request #451 from lc/patch-1 
Update CONTRIBUTORS.md
 2020-06-09 17:08:57 +01:00
Corben Leo
32f83cb081 Update CONTRIBUTORS.md 2020-06-09 11:07:28 -05:00
0x08
49d625bbcc TYPO fixed: some lines start with space. 2020-06-06 01:20:25 +03:00
0x08
7db405b01c TYPO fixed: some lines start with space. 2020-06-06 01:13:59 +03:00
g0tmi1k
0a39d3dcb4 Merge pull request #417 from muhammedck113/patch-1 
Update 10-million-password-list-top-100.txt
 2020-06-05 16:30:30 +01:00
g0tmi1k
6beba93eac Merge pull request #427 from Failsafe-0verflowme/patch-1 
Update common.txt
 2020-06-05 16:30:13 +01:00
g0tmi1k
9aa4f93db1 Merge pull request #433 from MomIsBestFriend/Fix-425 
Fixed typo in Discovery/Variables/secret-keywords.txt
 2020-06-05 16:29:54 +01:00
g0tmi1k
245984882a Merge pull request #442 from kazkansouh/standardise-line-end 
Standardise line endings
 2020-05-28 11:11:35 +01:00
g0tmi1k
8d9520e039 Merge pull request #443 from IAmATeaPot418/patch-2 
Adding the not in operator
 2020-05-28 11:10:08 +01:00
Jamie Scott
5b5cafaa47 Adding the not in operator 
Adding the not in operator as another thing to check or test. It will equivalently act as { $ne: 1 } only it functions within an array.
 2020-05-28 00:34:48 -07:00
Karim Kanso
607c3293b4 strip trailing whitespace 2020-05-27 14:26:51 +01:00
Karim Kanso
f20c12a4a6 added git attributes to keep line ends standardised 2020-05-27 14:16:24 +01:00
Karim Kanso
a3416ba706 standardisze line endings 2020-05-27 14:10:50 +01:00
g0tmi1k
9a14bdb7ca Merge pull request #441 from cactuschibre/master 
Reorder and add more Actuator endpoints

Source; https://apereo.github.io/cas/development/monitoring/Monitoring-Statistics.html
 2020-05-27 10:42:10 +01:00
g0tmi1k
67bdc2032e Merge pull request #434 from Kegn/patch-1 
add nested traversal strings for /etc/passwd
 2020-05-27 09:55:47 +01:00
g0tmi1k
67947cfae1 Merge pull request #435 from righettod/master 
Add WWW and HTML folders
 2020-05-27 09:54:21 +01:00
g0tmi1k
fdfd855ec5 Merge pull request #437 from guest20/patch-1 
Rename Public-Source-Repo-Issues.txt to Public-Source-Repo-Issues.json
 2020-05-27 09:44:27 +01:00
cactuschibre
017b233805 Reorder and add more Actuator endpoints 2020-05-26 16:28:58 +02:00
guest20
6ccd6853d4 Rename Public-Source-Repo-Issues.txt to Public-Source-Repo-Issues.json 
This file is full of json, which might upset someone writing a script that assumes *.txt files are just url fragments....
 2020-05-24 13:07:50 +02:00
Dominique RIGHETTO
9763b2a76d Add www folder 2020-05-23 11:37:49 +02:00
Dominique RIGHETTO
6350b61e1d Add missing ending / 2020-05-23 11:36:17 +02:00
Dominique RIGHETTO
e790c509b8 Ass html folder 2020-05-23 11:34:37 +02:00
kegan
54ac7074da add nested traversal strings for /etc/passwd 2020-05-18 18:12:12 -05:00
MomIsBestFriend
e89ff1fbda Fixed typo in Discovery/Variables/secret-keywords.txt 2020-05-17 00:37:40 +03:00
g0tmi1k
a8df2a72c2 Merge pull request #431 from pbafe/master 
Create Django.txt
 2020-05-13 14:27:21 +01:00
pbafe
888cdaa13a Create Django.txt 
Updated on April 20th, the contents include all the files of Django between version 3.0.5 and 2.1
 2020-05-09 10:53:35 +02:00
g0tmi1k
86c6e6314f Merge pull request #430 from cnotin/patch-1 
Add .well-known entries

Source: 
- https://gist.github.com/quickbreach/3bddfdf193b3d988b0e07d07dbac0da0
- https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml
- https://mercure.rocks/spec#discovery
 2020-05-08 12:07:45 +01:00
g0tmi1k
47e882f5d9 Merge pull request #405 from soufianetahiri/patch-1 
add swagger path
 2020-05-08 12:06:57 +01:00
Clément Notin
123be76ca1 Add .well-known entries 2020-05-08 01:14:12 +02:00
g0tmi1k
442e31098e Merge pull request #428 from g0tmi1k/misc 
Add top domains + 2020.2 release
 2020-05-04 10:23:05 +01:00
g0t mi1k
7bc157fd55 2020.2 release 2020-05-04 10:22:21 +01:00
g0t mi1k
ff36e7e79f Add alexa domains 
Source: https://support.alexa.com/hc/en-us/articles/200461990-Can-I-get-a-list-of-top-sites-from-an-API-
https://asciinema.org/a/9dwog4uqepaghpvyeginwckpn
 2020-05-04 10:18:55 +01:00
g0t mi1k
fe8a8830c4 Add majestic domains 
Source: https://blog.majestic.com/development/majestic-million-csv-daily/

$ wget http://downloads.majestic.com/majestic_million.csv
$ zip top-domains-majestic.csv.zip majestic_million.csv
 2020-05-04 10:16:48 +01:00
g0t mi1k
cd715ee89c Update credit URLs 2020-05-04 10:10:52 +01:00
g0tmi1k
15b1fa3a65 Merge pull request #426 from righettod/master 
Add the expression for the "doT.js" and the "dust.js" template engines

Source:

- https://github.com/epinna/tplmap/tree/master/plugins/engines
- https://olado.github.io/doT/index.html
- http://www.dustjs.com/
 2020-05-04 10:07:21 +01:00
0verflowme
ffc8d2bf32 Update common.txt 2020-05-03 19:53:03 +05:30
Dominique RIGHETTO
984af30974 Add the expression for the Dust engine 2020-05-03 10:52:17 +02:00
Dominique RIGHETTO
aecd8036ca Add the expression for the doT engine 2020-05-03 10:30:48 +02:00
g0tmi1k
09d5a27cf7 Merge pull request #421 from storenth/master 
Update the fuzz-Bo0oM.txt with more ';'

Source: https://twitter.com/11xuxx/status/1247496768054591489
 2020-04-29 17:52:49 +01:00