idan/SecLists
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
1,255 Commits 1 Branch 0 Tags
eaf1c8263ff3257d26ea6d9ee10734b925c17354
Commit Graph

408 Commits

Author SHA1 Message Date
g0tmi1k
58370984a4 Merge pull request #687 from righettod/master 
Add "h2-console" word

https://mp.weixin.qq.com/s/Yn5U8WHGJZbTJsxwUU3UiQ
https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console
https://www.shodan.io/search?query=http.title%3A%22H2+Console%22
 2022-01-31 23:22:06 +00:00
g0tmi1k
5a4d4f7ebc Merge pull request #686 from AddaxSoft/patch-2 
added 8443, tomcat ssl
 2022-01-31 23:21:24 +00:00
g0tmi1k
2dac179038 Merge pull request #685 from wdahlenburg/master 
Adding Spring Boot Gateway Actuator

https://wya.pl/2021/12/20/bring-your-own-ssrf-the-gateway-actuator/
 2022-01-31 23:20:57 +00:00
g0tmi1k
6dd17288aa Merge pull request #678 from righettod/feature_update_namelist 
Add new sub domain names

https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/generate-vhost-names-dict.sh
 2022-01-31 23:09:45 +00:00
Dominique RIGHETTO
22908368be Add "h2-console" word 2022-01-08 13:45:09 +01:00
A.K
6757c71ffe added 8443, tomcat ssl 2021-12-21 11:43:25 +01:00
Wyatt Dahlenburg
ecf264f825 Adding the springboot gateway actuator 2021-12-20 15:25:09 -06:00
Dominique RIGHETTO
9fab26bbb6 Add new sub domain names 2021-12-11 07:06:17 +01:00
Varun Kakumani
31a89fd18d Added latest years to dictionary 2021-12-02 02:04:03 +05:30
g0tmi1k
23469eb06f Merge pull request #633 from basubanakar/patch-1 
Update nginx.txt
 2021-11-24 10:00:07 +00:00
g0tmi1k
c129a01483 Merge pull request #640 from mxrch/patch-1 
adding "dismiss" to big.txt
 2021-11-24 09:59:49 +00:00
g0tmi1k
d1a222afff Merge pull request #649 from PinkDev1/master 
Many more scopes, and cleanup of oauth-oidc-scopes.txt

- https://developers.google.com/identity/protocols/oauth2/scopes
- https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps
- https://api.slack.com/legacy/oauth-scopes
- https://developers.dropbox.com/oauth-guide 
- https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims
 2021-11-24 09:57:54 +00:00
g0tmi1k
94f8cd291e Merge pull request #659 from righettod/feature_enrich_jenkins 
Add new endpoints to the jenkins dict.

Source: https://www.jenkins.io/download/
 2021-11-24 09:54:24 +00:00
Dirk Wetter
6e13335da2 Avoid 301 
trailing slash is needed here
 2021-11-08 17:06:31 +01:00
Dirk Wetter
5439c5ee29 Create hashicorp-vault.txt 
see https://www.vaultproject.io/api/system/seal 

Had to close #665 as leading v1 was missing. This one works (confirmed myself)
 2021-11-08 16:17:03 +01:00
PinkDev1
61c5f5a018 Added a couple of scopes 
https://infosecwriteups.com/how-did-i-earned-6000-from-tokens-and-scopes-in-one-day-12f95c6bf8aa?source=rss----7b722bfd1b8d---4&gi=1e1df8e602a6
 2021-10-18 01:36:33 +00:00
Dominique RIGHETTO
5c5c2815f2 Cleanup 2021-10-05 18:41:44 +02:00
Dominique RIGHETTO
f009b45892 Add new endpoints 2021-10-05 18:40:57 +02:00
PinkDev1
0bcb01ad6a Sorted and removed duplicates 2021-09-02 19:25:40 +00:00
PinkDev1
e737a0f96b Added officially recognized OpenID scopes 
from https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims
 2021-09-02 19:24:57 +00:00
PinkDev1
e1c0693292 Added dropbox-app oauth scopes 
Scraped internally
 2021-09-02 19:21:48 +00:00
PinkDev1
30b2c22d24 Removed scopes with nonces/temporary identifiers 
I left `delete-after-date1619708000534-admin` because it seems to have a UNIX timestamp, so it *might* be useful.
 2021-09-02 19:03:43 +00:00
PinkDev1
bb991ad09a Sorted and removed duplicates from oauth-oidc-scopes.txt 2021-09-02 19:00:44 +00:00
PinkDev1
647366b113 Added 155 scopes to oauth-oidc-scopes.txt 
All of these were manually gathered from:
- https://developers.google.com/identity/protocols/oauth2/scopes
- https://docs.github.com/en/developers/apps/building-oauth-apps/scopes-for-oauth-apps
- https://api.slack.com/legacy/oauth-scopes
- https://dev.fitbit.com/build/reference/web-api/oauth2/#scope
 2021-09-02 18:59:51 +00:00
g0tmi1k
cb81804316 Merge pull request #647 from g0tmi1k/spaces 
dos2unix
 2021-08-28 21:36:19 +01:00
g0tmi1k
44523e27a8 Merge pull request #644 from han0x7300/issues-642 
add "___graphql" to "Discovery/Web-Content/graphql.txt

https://www.gatsbyjs.com/docs/reference/graphql-data-layer/graphql-api/
https://www.gatsbyjs.com/docs/tutorial/part-4/
 2021-08-28 21:31:10 +01:00
g0t mi1k
545e57b02d dos2unix 2021-08-28 21:29:32 +01:00
g0t mi1k
efeb38808c Replace ' ' with ' ' (Empty Characters) 2021-08-28 21:05:13 +01:00
han0x7300
ecd9da9dc2 add ___graphql to Discovery/Web-Content/graphql.txt,https://github.com/danielmiessler/SecLists/issues/642 2021-08-28 11:44:02 +08:00
g0tmi1k
e017d54a22 Merge pull request #643 from 5tr1x/patch-1 
Create aem2.txt
 2021-08-27 21:17:43 +01:00
g0tmi1k
656105853a Merge pull request #592 from afaq1337/patch-1 
Update all.txt
 2021-08-27 21:17:26 +01:00
g0tmi1k
06cfff0475 Merge pull request #621 from jakecraige/patch-1 
Add port 3000 (Ruby on Rails) to common ports

Source: https://guides.rubyonrails.org/command_line.html#bin-rails-server
 2021-08-27 21:16:04 +01:00
g0tmi1k
60fbd42063 Merge pull request #622 from realArcherL/patch-2 
A very new naming scheme for Graphql endpoints
 2021-08-27 21:15:39 +01:00
g0tmi1k
b4637896ef Merge pull request #623 from righettod/feature_add_oauth2-odic_endpoints 
Add missing OAUTH2/OIDC endpoints.

Source: https://righettod.eu.auth0.com/.well-known/openid-configuration
 2021-08-27 21:15:07 +01:00
g0tmi1k
177f25ba69 Merge pull request #625 from cbk914/master 
Some additions

Source: http://www.whatsmypass.com/the-top-500-worst-passwords-of-all-time
 2021-08-27 21:14:37 +01:00
g0tmi1k
01f7723ddd Merge pull request #626 from 7PH/master 
Add waybackverify.txt filename to raft medium and large lists
 2021-08-27 21:13:55 +01:00
g0tmi1k
eea747817d Merge pull request #628 from Anon-Exploiter/patch-1 
Added ga-google-analytics in wp-plugins.txt

Source https://wordpress.org/plugins/ga-google-analytics/
 2021-08-27 21:12:25 +01:00
g0tmi1k
4002c2c970 Merge pull request #630 from whitehauler/patch-1 
Update raft-large-files.txt
 2021-08-27 21:12:01 +01:00
g0tmi1k
de06dbb492 Merge pull request #637 from dabasanta/DaniloBasanta 
Added list of IPv4 address class A&C. Also a script to generate these lists.
 2021-08-27 21:11:24 +01:00
g0tmi1k
d8294e9763 Merge pull request #629 from righettod/feature_add_oauth-oidc_scopes_dict 
Add a dict with OAUTH2/OIDC scopes.
 2021-08-27 21:00:07 +01:00
5tr1x
a45a11ecca Create aem2.txt 2021-08-25 15:22:35 -05:00
mxrch
11eee99996 adding "dismiss" to big.txt 2021-08-22 22:54:33 +02:00
Danilo
6473406b1e Shell script to generate any IP ranges as you need 2021-08-13 12:44:32 -05:00
Danilo
28f2b5b9eb Added list of 192.168.x.x Class B IP range 2021-08-13 12:42:49 -05:00
Danilo
48258a71ce Added list of 10.10.x.x Class A IP range 2021-08-13 12:42:21 -05:00
Crypt-Con
7599d80112 Update nginx.txt 2021-07-31 10:28:09 +05:30
Afaq
0e6d80b6d9 added a critical endpoint 
added a critical endpoint which contains critical DB information.
 2021-07-27 17:39:44 +05:00
Dominique RIGHETTO
388cac333b Merge all versions of the file 2021-07-17 19:28:42 +02:00
Dominique RIGHETTO
48cc424388 Add files via upload 2021-07-17 19:23:28 +02:00
Dominique RIGHETTO
8572bd91ad Update oauth-oidc-scopes.txt 2021-07-17 08:12:51 +02:00