From c4561530b7a35e3b91e5d38130dadfa748381c95 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Sun, 22 Sep 2024 13:14:19 -0300 Subject: [PATCH 1/4] feat(docs): Added documentation for 'fully-qualified-java-classes.txt' wordlist --- Fuzzing/README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Fuzzing/README.md b/Fuzzing/README.md index 1070caef..3b2fee8a 100644 --- a/Fuzzing/README.md +++ b/Fuzzing/README.md @@ -18,4 +18,9 @@ Use for: Fuzzing for [XSS vulnerabilities in URIs](https://www.youtube.com/watch?v=NJulOqWjA9k) Source: [JBroFuzz](https://sourceforge.net/projects/jbrofuzz/) - https://sourceforge.net/p/jbrofuzz/code/HEAD/tree/tar/README-FUZZERS -- https://sourceforge.net/p/jbrofuzz/code/HEAD/tree/tar/fuzzers.jbrf \ No newline at end of file +- https://sourceforge.net/p/jbrofuzz/code/HEAD/tree/tar/fuzzers.jbrf + + +## fully-qualified-java-classes.txt + +Use for: Fuzzing URL parameters in **web applications** to test for **deserialisation** and **type confusion** vulnerabilities. From 6309ef21100509e999476f43bec9282b23ffdb0b Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Thu, 26 Sep 2024 03:09:27 -0300 Subject: [PATCH 2/4] feat(docs): Added documentation for 'Frontpage.fuzz.txt' wordlist --- Discovery/Web-Content/README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index a9a065a0..a40ec4e4 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -112,3 +112,12 @@ Use for: discovering sensitive j2ee files exploiting a lfi - https://gist.github.com/harisec/519dc6b45c6b594908c37d9ac19edbc3 - https://github.com/projectdiscovery/nuclei-templates/blob/master/vulnerabilities/generic/generic-j2ee-lfi.yaml - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LFIModule.java + + +## Frontpage.fuzz.txt +Use for: Fuzzing for common filepaths in webpages designed with **[Microsoft Frontpage](https://en.wikipedia.org/wiki/Microsoft_FrontPage)** + +Year of the first release of Microsoft Frontpage: 1997 +Year of the last release of Microsoft Frontpage: 2003 + +Date of last update: Oct 14, 2010 \ No newline at end of file From bed60716902c21e4a3e6b73d116d48fd52d93718 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Thu, 26 Sep 2024 03:18:33 -0300 Subject: [PATCH 3/4] feat(docs): Added documentation for 'iplanet.txt' wordlist --- Discovery/Web-Content/README.md | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index a40ec4e4..0e4cc773 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -120,4 +120,22 @@ Use for: Fuzzing for common filepaths in webpages designed with **[Microsoft Fro Year of the first release of Microsoft Frontpage: 1997 Year of the last release of Microsoft Frontpage: 2003 +Date of last update: Oct 14, 2010 + + +## jrun.txt +Use for: Fuzzing for common filepaths in webpages served with **[Java Servlet Runner (Adobe JRun)](https://adobe.fandom.com/wiki/JRun)** + +Year of the first release of Java Servlet Runner (Adobe JRun): 1997 +Year of the last release of Java Servlet Runner (Adobe JRun): 2007 + +Date of last update: Oct 14, 2010 + + +## iplanet.txt +Use for: Fuzzing for common filepaths in webpages served with **[Oracle Sun iPlanet](https://www.oracle.com/middleware/technologies/webtier.html)** + +Year of the first release of Java Servlet Runner (Adobe JRun): 1994 +Year of the last release of Java Servlet Runner (Adobe JRun): 2017 + Date of last update: Oct 14, 2010 \ No newline at end of file From c270d0b942d620058d2300a2b4b675eef48e3562 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Thu, 26 Sep 2024 03:47:11 -0300 Subject: [PATCH 4/4] feat(docs): Added documentation for 'Web-Server-Glassfish-Sun-Microsystems.txt' wordlist --- Discovery/Web-Content/README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index 0e4cc773..66da1b7f 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -138,4 +138,13 @@ Use for: Fuzzing for common filepaths in webpages served with **[Oracle Sun iPla Year of the first release of Java Servlet Runner (Adobe JRun): 1994 Year of the last release of Java Servlet Runner (Adobe JRun): 2017 +Date of last update: Oct 14, 2010 + + +## Web-Server-Glassfish-Sun-Microsystems.txt +Use for: Fuzzing for common filepaths in webpages served with **[Glassfish - Sun Microsystems](https://glassfish.org/)** + +Year of the first release of Glassfish: [2005](https://en.wikipedia.org/wiki/GlassFish) +Glassfish is still in recieving updates as of 2024. + Date of last update: Oct 14, 2010 \ No newline at end of file