5e043e22ba
merged FatwireCMS.fuzz.txt fatwire.txt
2018-12-11 04:32:05 +02:00
24c955345f
contains the same, and less than FatwireCMS.fuzz.txt
2018-12-11 04:12:44 +02:00
4bda908742
merged two domino endpoints files
2018-12-11 04:01:38 +02:00
82671ffafc
add login.html endpoint
2018-12-11 02:27:08 +02:00
dd08d4aacb
merged two IIS wordlists, deleted file.
2018-12-08 17:22:44 +02:00
c638cb3055
File containing the same strings that are included to jboss.txt
2018-12-08 17:05:37 +02:00
6aedd5e95d
deleted duplicate file vignette.txt that duplicates Vignette.fuzz.txt but do not contains slashes
2018-12-08 17:01:56 +02:00
1182e89d55
delete file containing duplicate entries from netware.txt
2018-12-08 16:58:00 +02:00
ea352ed2ce
- sorted alphabetically
...
- removed duplicates
- merged unique with "ColdFusion.fuzz2.txt"
- deleted "ColdFusion.fuzz2.txt"
2018-12-07 16:22:34 +02:00
412153b437
add Atlassian Confluence login endpoints
...
Reference: https://confluence.atlassian.com/doc/customizing-the-login-page-163938553.html
2018-12-06 00:56:47 +02:00
277b243d61
add slashes. Some servers are redirecting from folders without slashes to folders with slashes in the end of URI, and 302 is returned instead of 200
2018-12-02 02:39:55 +02:00
aac5204f75
add clientaccesspolicy.xml and crossdomain.xml files which are usually contains unsafe wildcarded configurations.
2018-12-02 02:23:41 +02:00
613af9601e
Add HashiCorp Vault GUI default URL to quickhits.txt
2018-11-21 16:11:47 +01:00
ff8406d36b
Add sonar-project.properties file to quickhits.txt
2018-11-21 15:54:22 +01:00
214a277412
Add AWS CodeDeploy appspec.yml file to quickhits.txt
2018-11-21 15:21:42 +01:00
a53dae2a76
Add /wp-json/wp/v2/users
...
Add /wp-json/wp/v2/users WP REST API endpoint which exposes sensitive information - list of all WP users, which could be used for brute-force attacks.
2018-10-31 23:27:00 +02:00
dbfa5e2b1e
Add some WP rest API endpoints
...
reference: http://v2.wp-api.org/
2018-10-31 23:19:31 +02:00
85cc7eeadf
Added cpanel login page
...
reference: https://www.webhostinghub.com/help/learn/cpanel/getting-started/how-to-login-to-cpanel
2018-10-30 01:00:31 +02:00
3327ec8b40
Merge pull request #229 from drwetter/patch-1
...
Correct 1 typo in typo3 login ;-)
2018-10-23 12:53:05 +01:00
e8b1df5f84
Correct 1 typo in typo3 login
...
/typo3/in is IMHO not the login.
2018-10-23 13:50:09 +02:00
2ced567e86
Add Wordpress and Shopware login pages
...
Added common Wordpress and Shopware CMS's login forms.
References:
https://premium.wpmudev.org/blog/find-wordpress-login/
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/wordpress.fuzz.txt
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/shopware.txt
2018-10-23 13:46:26 +03:00
5a88be0c4f
Add Shopware common sensitive files wordlist.
...
Shopware is open source e-commerce software
https://github.com/shopware/shopware
Shopware wordlist was not presented in this directory. The file should be improved and expanded
2018-10-17 17:19:53 +03:00
d68ba5f9ed
Rename "_" -> "-" & found a few new homes
2018-10-15 13:08:10 +01:00
a9e9e80884
Deleted the params and functions wordlists. Merged the boring_headers and headers file together then created a version with uppercases 1st letters (including after dashes) and a full uppercase version. Every file have been sorted with -u option to delete duplicates. Hit me up if you find something wrong.
2018-10-04 23:46:58 +02:00
a2f0c2cb00
Added the wordlists from param-miner extension of BurpSuite by @albinowax
2018-10-04 23:45:21 +02:00
bc97ca41f5
added wordlist for Spring Boot (Actuator)
2018-08-23 20:22:01 +02:00
201e2abfb5
Close #195 - Confluence administration
...
Source: https://confluence.atlassian.com/doc/using-apache-to-limit-access-to-the-confluence-administration-interface-216433019.html
2018-07-05 07:21:57 +01:00
3f79d071ce
Quick move about
2018-03-21 17:47:29 +00:00
c524f768bf
Close #148 - More Lotus Domino
...
Source: https://github.com/danielmiessler/SecLists/issues/148
Source: https://github.com/rapid7/metasploit-framework/blob/6300758c46464ff5488bc49bc326ebbb1df46321/modules/auxiliary/scanner/lotus/lotus_domino_version.rb
Source: https://github.com/coldfusion39/domi-owned/blob/583d0a5ade9305c40329916e0ecf1540a089c9be/domi_owned/fingerprint.py#L60-L72
2018-03-21 17:07:45 +00:00
2ff356ee2a
Add domi-owned
...
Source: https://github.com/coldfusion39/domi-owned
2018-03-21 17:04:37 +00:00
df9697d189
Add Domino-Hunter
...
Source: https://sourceforge.net/projects/dominohunter/
2018-03-21 16:59:57 +00:00
7a9a7c6c35
Close #135 - Default web roots (WIP!)
2018-03-21 16:50:02 +00:00
2b697209a8
Close #127 - Merge similar WebLogic files
...
Command:
cat Weblogic.fuzz.txt weblogic.txt | sed -e 's/^\///' -e 's/ $//' | sort -u | sed -e 's/^/\//' > /tmp/weblogic.txt; mv {/tmp/,}weblogic.txt
cat Websphere.fuzz.txt websphere.txt | sed -e 's/^\///' -e 's/ $//' | sort -u | sed -e 's/^/\//' > /tmp/websphere.txt; mv {/tmp/,}websphere.txt
2018-03-21 16:44:33 +00:00
bddd77825e
Close #145 - Update Common_PHP_Filenames.txt (admin*.php)
2018-03-21 16:14:59 +00:00
1863878864
Close #153 - Update ApacheTomcat.fuzz.txt
2018-03-21 16:10:27 +00:00
1e13b9dc15
Close #177 - Update apache.txt (Add php.ini)
2018-03-21 16:03:59 +00:00
befbd5b20d
Merge pull request #168 from tomcodes/master
...
Add gitlab related urls to quickhits.txt
2018-03-19 19:14:58 -07:00
08f12147a3
Add "-" to split up words, moved files since PR accepted
...
- PRs: #122 , #123 , #125 , #126 , #136 , #146 , #149 , #162 , #174 , #176
2018-03-05 10:30:27 +00:00
4f664bb240
Merge remote-tracking branch 'upstream/master'
2018-03-05 10:48:09 +01:00
b794d53a28
Add "Web-Shells"
2017-12-20 16:32:34 +00:00
25d4ac447e
rename 's/_/-/g'
2017-08-23 14:55:06 +01:00
toxydose
tomcodes
g0tmi1k
Dirk Wetter
g0tmi1k
CyberSemtex
objectified
Daniel Miessler
Thomas Arthus