Commit Graph

383 Commits

Author SHA1 Message Date
toxydose
277b243d61 add slashes. Some servers are redirecting from folders without slashes to folders with slashes at the end of the URI, and 302 is returned instead of 200 2018-12-02 02:39:55 +02:00
toxydose
aac5204f75 add clientaccesspolicy.xml and crossdomain.xml files, which usually contain unsafe wildcarded configurations. 2018-12-02 02:23:41 +02:00
tomcodes
613af9601e Add HashiCorp Vault GUI default URL to quickhits.txt 2018-11-21 16:11:47 +01:00
tomcodes
ff8406d36b Add sonar-project.properties file to quickhits.txt 2018-11-21 15:54:22 +01:00
tomcodes
214a277412 Add AWS CodeDeploy appspec.yml file to quickhits.txt 2018-11-21 15:21:42 +01:00
Alexander Bridges
a53dae2a76 Add /wp-json/wp/v2/users
Add /wp-json/wp/v2/users WP REST API endpoint which exposes sensitive information - list of all WP users, which could be used for brute-force attacks.
2018-10-31 23:27:00 +02:00
Alexander Bridges
dbfa5e2b1e Add some WP rest API endpoints
reference: http://v2.wp-api.org/
2018-10-31 23:19:31 +02:00
Alexander Bridges
85cc7eeadf Added cpanel login page
reference: https://www.webhostinghub.com/help/learn/cpanel/getting-started/how-to-login-to-cpanel
2018-10-30 01:00:31 +02:00
g0tmi1k
3327ec8b40 Merge pull request #229 from drwetter/patch-1
Correct 1 typo in typo3 login ;-)
2018-10-23 12:53:05 +01:00
Dirk Wetter
e8b1df5f84 Correct 1 typo in typo3 login
/typo3/in is IMHO not the login.
2018-10-23 13:50:09 +02:00
Alexander Bridges
2ced567e86 Add Wordpress and Shopware login pages
Added common Wordpress and Shopware CMS's login forms.

References:
https://premium.wpmudev.org/blog/find-wordpress-login/
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/wordpress.fuzz.txt
https://github.com/toxydose/SecLists/blob/master/Discovery/Web-Content/CMS/shopware.txt
2018-10-23 13:46:26 +03:00
Alexander Bridges
5a88be0c4f Add Shopware common sensitive files wordlist.
Shopware is open source e-commerce software
https://github.com/shopware/shopware
A Shopware wordlist was not present in this directory. The file should be improved and expanded
2018-10-17 17:19:53 +03:00
g0tmi1k
d68ba5f9ed Rename "_" -> "-" & found a few new homes 2018-10-15 13:08:10 +01:00
CyberSemtex
a9e9e80884 Deleted the params and functions wordlists. Merged the boring_headers and headers files together, then created a version with uppercase 1st letters (including after dashes) and a full uppercase version. Every file has been sorted with the -u option to delete duplicates. Hit me up if you find something wrong. 2018-10-04 23:46:58 +02:00
CyberSemtex
a2f0c2cb00 Added the wordlists from param-miner extension of BurpSuite by @albinowax 2018-10-04 23:45:21 +02:00
objectified
bc97ca41f5 added wordlist for Spring Boot (Actuator) 2018-08-23 20:22:01 +02:00
g0tmi1k
201e2abfb5 Close #195 - Confluence administration
Source: https://confluence.atlassian.com/doc/using-apache-to-limit-access-to-the-confluence-administration-interface-216433019.html
2018-07-05 07:21:57 +01:00
frite
a3cce76170 Adding jhaddix DNS entries file. 2018-06-30 22:09:30 +01:00
g0tmi1k
3f79d071ce Quick move about 2018-03-21 17:47:29 +00:00
g0tmi1k
c524f768bf Close #148 - More Lotus Domino
Source: https://github.com/danielmiessler/SecLists/issues/148
Source: 6300758c46/modules/auxiliary/scanner/lotus/lotus_domino_version.rb
Source: 583d0a5ade/domi_owned/fingerprint.py (L60-L72)
2018-03-21 17:07:45 +00:00
g0tmi1k
2ff356ee2a Add domi-owned
Source: https://github.com/coldfusion39/domi-owned
2018-03-21 17:04:37 +00:00
g0tmi1k
df9697d189 Add Domino-Hunter
Source: https://sourceforge.net/projects/dominohunter/
2018-03-21 16:59:57 +00:00
g0tmi1k
7a9a7c6c35 Close #135 - Default web roots (WIP!) 2018-03-21 16:50:02 +00:00
g0tmi1k
2b697209a8 Close #127 - Merge similar WebLogic files
Command:
cat Weblogic.fuzz.txt weblogic.txt | sed -e 's/^\///' -e 's/ $//' | sort -u | sed -e 's/^/\//' > /tmp/weblogic.txt; mv {/tmp/,}weblogic.txt
cat Websphere.fuzz.txt websphere.txt | sed -e 's/^\///' -e 's/ $//' | sort -u | sed -e 's/^/\//' > /tmp/websphere.txt; mv {/tmp/,}websphere.txt
2018-03-21 16:44:33 +00:00
g0tmi1k
bddd77825e Close #145 - Update Common_PHP_Filenames.txt (admin*.php) 2018-03-21 16:14:59 +00:00
g0tmi1k
1863878864 Close #153 - Update ApacheTomcat.fuzz.txt 2018-03-21 16:10:27 +00:00
g0tmi1k
1e13b9dc15 Close #177 - Update apache.txt (Add php.ini) 2018-03-21 16:03:59 +00:00
Daniel Miessler
befbd5b20d Merge pull request #168 from tomcodes/master
Add gitlab related urls to quickhits.txt
2018-03-19 19:14:58 -07:00
g0tmi1k
3043259a0a Removed domains & duplicates (Fix #138) 2018-03-07 11:42:24 +00:00
g0tmi1k
58fadb9d32 Removed duplicate lines (Start of fix: #138) 2018-03-07 11:15:09 +00:00
g0tmi1k
08f12147a3 Add "-" to split up words, moved files since PR accepted
- PRs: #122, #123, #125, #126, #136, #146, #149, #162, #174, #176
2018-03-05 10:30:27 +00:00
g0tmi1k
47afcb61e2 Removed duplicate files 2018-03-05 10:04:37 +00:00
g0tmi1k
7a55e1871c Remove pointless files. 2018-03-05 09:52:00 +00:00
Thomas Arthus
4f664bb240 Merge remote-tracking branch 'upstream/master' 2018-03-05 10:48:09 +01:00
Daniel Miessler
93984aaffd Merge pull request #146 from giomke/patch-1
Create coin miners list
2018-03-04 12:32:27 -08:00
Daniel Miessler
24e9df940f Merge pull request #136 from mazen160/master
Added @mazen160 wordlist for common web API endpoints.
2018-03-04 12:27:24 -08:00
Daniel Miessler
1ed82e703a Merge pull request #125 from Rbcafe/patch-1
Create flyspray-1.0RC4
2018-03-04 12:24:19 -08:00
Daniel Miessler
b5d9ff5705 Merge pull request #126 from Rbcafe/patch-2
Create piwik-3.0.4
2018-03-04 12:23:52 -08:00
Daniel Miessler
49a6d721ff Merge pull request #128 from g0tmi1k/structure
Structure Clean Up
2018-03-04 12:23:06 -08:00
tomcodes
084e597f0e Add gitlab related urls to quickhits.txt 2018-01-24 09:30:54 +01:00
Daniel Miessler
7cf6e78ff5 Added Darkweb 10,100,1K,10K to Passwords. 2018-01-02 21:46:14 -08:00
g0tmi1k
b794d53a28 Add "Web-Shells" 2017-12-20 16:32:34 +00:00
Daniel Miessler
b794ed7aaa Updated licensing. 2017-12-19 05:17:27 -08:00
g0tmi1k
85ac8e9be7 Fix merge conflict 2017-11-27 15:08:43 +00:00
Giorgi Mkervalishvili
a1964c7fae Create coin miners list
It's not exactly a security issue, but sometimes these sources are an indicator of compromise
2017-10-19 10:44:28 +04:00
Jason Haddix
bc2b43d815 Create AdobeCQ-AEM 2017-10-01 16:15:20 -07:00
Jason Haddix
e206be9ce5 Create Jenkins-Hudson.txt 2017-09-27 23:44:51 -07:00
Mazin Ahmed
7bbc06c6e2 Added @mazen160 wordlist for common web API endpoints. 2017-09-26 01:17:27 +03:00
g0tmi1k
25d4ac447e rename 's/_/-/g' 2017-08-23 14:55:06 +01:00
g0tmi1k
7ac72f1003 Removed duplicate files 2017-07-11 13:59:26 +01:00