From 01ba474a290758b66f031f2d2bb3b2c6f7085422 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Thu, 26 Sep 2024 04:22:53 -0300 Subject: [PATCH 01/11] fix(wordlist): renamed wordlist 'Frontpage.fuzz.txt' to 'Microsoft-Frontpage.txt' --- .../Web-Content/{Frontpage.fuzz.txt => Microsoft-Frontpage.txt} | 0 Discovery/Web-Content/README.md | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) rename Discovery/Web-Content/{Frontpage.fuzz.txt => Microsoft-Frontpage.txt} (100%) diff --git a/Discovery/Web-Content/Frontpage.fuzz.txt b/Discovery/Web-Content/Microsoft-Frontpage.txt similarity index 100% rename from Discovery/Web-Content/Frontpage.fuzz.txt rename to Discovery/Web-Content/Microsoft-Frontpage.txt diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index d85096bb..42523a5c 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -106,7 +106,7 @@ References: - https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LFIModule.java -## Frontpage.fuzz.txt +## Microsoft-Frontpage.txt Use for: Fuzzing for common filepaths in webpages designed with **[Microsoft Frontpage](https://en.wikipedia.org/wiki/Microsoft_FrontPage)** Year of the first release of Microsoft Frontpage: 1997 From 31c6fdf5573063a75f88e76bb8cfc9c12de5cf57 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Thu, 26 Sep 2024 03:43:17 -0300 Subject: [PATCH 02/11] fix(wordlist): renamed wordlist 'SunAppServerGlassfish.fuzz.txt' to 'Web-Server-Glassfish-Sun-Microsystems.txt' --- ...assfish.fuzz.txt => Web-Server-Glassfish-Sun-Microsystems.txt} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Discovery/Web-Content/{SunAppServerGlassfish.fuzz.txt => Web-Server-Glassfish-Sun-Microsystems.txt} (100%) diff --git a/Discovery/Web-Content/SunAppServerGlassfish.fuzz.txt b/Discovery/Web-Content/Web-Server-Glassfish-Sun-Microsystems.txt similarity index 100% rename from Discovery/Web-Content/SunAppServerGlassfish.fuzz.txt rename to Discovery/Web-Content/Web-Server-Glassfish-Sun-Microsystems.txt From f7a9458fb3fd610b50a48eb0106d768a719345fc Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 20:56:18 -0300 Subject: [PATCH 03/11] chore(docs): Removed '.fuzz' from multiple wordlist filenames --- .../{CommonBackdoors-ASP.fuzz.txt => CommonBackdoors-ASP.txt} | 0 .../{CommonBackdoors-JSP.fuzz.txt => CommonBackdoors-JSP.txt} | 0 .../{CommonBackdoors-PHP.fuzz.txt => CommonBackdoors-PHP.txt} | 0 .../{CommonBackdoors-PL.fuzz.txt => CommonBackdoors-PL.txt} | 0 4 files changed, 0 insertions(+), 0 deletions(-) rename Discovery/Web-Content/{CommonBackdoors-ASP.fuzz.txt => CommonBackdoors-ASP.txt} (100%) rename Discovery/Web-Content/{CommonBackdoors-JSP.fuzz.txt => CommonBackdoors-JSP.txt} (100%) rename Discovery/Web-Content/{CommonBackdoors-PHP.fuzz.txt => CommonBackdoors-PHP.txt} (100%) rename Discovery/Web-Content/{CommonBackdoors-PL.fuzz.txt => CommonBackdoors-PL.txt} (100%) diff --git a/Discovery/Web-Content/CommonBackdoors-ASP.fuzz.txt b/Discovery/Web-Content/CommonBackdoors-ASP.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-ASP.fuzz.txt rename to Discovery/Web-Content/CommonBackdoors-ASP.txt diff --git a/Discovery/Web-Content/CommonBackdoors-JSP.fuzz.txt b/Discovery/Web-Content/CommonBackdoors-JSP.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-JSP.fuzz.txt rename to Discovery/Web-Content/CommonBackdoors-JSP.txt diff --git a/Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt b/Discovery/Web-Content/CommonBackdoors-PHP.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-PHP.fuzz.txt rename to Discovery/Web-Content/CommonBackdoors-PHP.txt diff --git a/Discovery/Web-Content/CommonBackdoors-PL.fuzz.txt b/Discovery/Web-Content/CommonBackdoors-PL.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-PL.fuzz.txt rename to Discovery/Web-Content/CommonBackdoors-PL.txt From b543eb833311e7ad63a8b429ce32b0379168cd0b Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 22:07:22 -0300 Subject: [PATCH 04/11] chore(docs): Small formatting improvement --- Discovery/Web-Content/README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index 42523a5c..f00e0161 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -110,7 +110,6 @@ References: Use for: Fuzzing for common filepaths in webpages designed with **[Microsoft Frontpage](https://en.wikipedia.org/wiki/Microsoft_FrontPage)** Year of the first release of Microsoft Frontpage: 1997 -Year of the last release of Microsoft Frontpage: 2003 Date of last update: Oct 14, 2010 From 2191d02d4f119473664b132fb9486688f3c5e32c Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 21:51:59 -0300 Subject: [PATCH 05/11] feat(docs): Added documentation for 'Apache-Axis.txt' wordlist --- Discovery/Web-Content/Web-Servers/README.md | 66 +++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 Discovery/Web-Content/Web-Servers/README.md diff --git a/Discovery/Web-Content/Web-Servers/README.md b/Discovery/Web-Content/Web-Servers/README.md new file mode 100644 index 00000000..d9197da5 --- /dev/null +++ b/Discovery/Web-Content/Web-Servers/README.md @@ -0,0 +1,66 @@ +# Web-Server wordlists + +The wordlists contained in this directory are specific for testing certain **web server software**. + +## Java-Servlet-Runner-Adobe-JRun +Use for: Fuzzing for common filepaths in webpages served with **[Java Servlet Runner (Adobe JRun)](https://adobe.fandom.com/wiki/JRun)** + +Year of the first release of Java Servlet Runner (Adobe JRun): 1997 +Year of the last release of Java Servlet Runner (Adobe JRun): 2007 + +Date of last update: Oct 14, 2010 + + +## Oracle-Sun-iPlanet.txt +Use for: Fuzzing for common filepaths in webpages served with **[Oracle Sun iPlanet](https://www.oracle.com/middleware/technologies/webtier.html)** + +Year of the first release of Sun-iPlanet (Adobe JRun): 1994 +Year of the last release of Sun-iPlanet (Adobe JRun): 2017 + +Date of last update: Oct 14, 2010 + + +## Glassfish-Sun-Microsystems.txt +Use for: Fuzzing for common filepaths in webpages served with **[Glassfish - Sun Microsystems](https://glassfish.org/)** + +Year of the first release of Glassfish: [2005](https://en.wikipedia.org/wiki/GlassFish) +Glassfish is still in recieving updates as of 2024. + +Date of last update: Oct 14, 2010 + + +## Apache.fuzz.txt +Use for: Discvering sensitive content in Apache web servers. +Date of last update: Jan 26, 2015 + + +## Apache-Tomcat.txt +Use for: Discovering sensitive content in Apache Tomcat servers. +Date of last update: Dec 14, 2017 + + +## iis-systemweb.txt +Use for: Fuzzing the `/aspnet_client/system_web/` directory on [Microsoft IIS](https://www.iis.net/) servers to detect **CGIs** and **scripts** even even if the two ladder directories are inaccessible. + +Reference: https://github.com/irsdl/IIS-ShortName-Scanner +Discussion: https://github.com/danielmiessler/SecLists/pull/783 + +Date of last update: Jun 27, 2022 + + +## JBoss.txt +Use for: Fuzzing for common filepaths in webpages served with **[JBoss - RedHat](https://jbossas.jboss.org)** (not to be confused with "JBoss EAP"). + +Date of the first release of JBoss: [2002-05-29](https://jbossas.jboss.org/downloads/) +Date of the last release of JBoss: 2012-03-09 + +Date of last wordlist update: Feb 27, 2014 + + +## Apache-Axis.txt +Use for: Fuzzing for common filepaths in webpages created with **[Apache Axis](https://axis.apache.org/axis/)** + +Date of the first release of Apache Axis: [2002-10-07](https://jbossas.jboss.org/downloads/) +Date of the last release of Apache Axis: 2006-04-22 + +Date of last wordlist update: Feb 27, 2014 \ No newline at end of file From d1344a99c23d2abf99a38d54516e9c6a786bbce9 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 06:34:19 -0300 Subject: [PATCH 06/11] feat(docs): Added documentation for 'iis-systemweb.txt' wordlist --- Discovery/Web-Content/README.md | 33 ++++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index f00e0161..3ec0a756 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -138,4 +138,35 @@ Use for: Fuzzing for common filepaths in webpages served with **[Glassfish - Sun Year of the first release of Glassfish: [2005](https://en.wikipedia.org/wiki/GlassFish) Glassfish is still in recieving updates as of 2024. -Date of last update: Oct 14, 2010 \ No newline at end of file +Date of last update: Oct 14, 2010 + + +## Oracle-EBS-wordlist.txt +Use for: Fuzzing for common filepaths of [Oracle E-Business Suite](https://www.oracle.com/applications/ebusiness/) (EBS) version 11. + +EBS v11 exposes: +- usernames +- ports +- OS information +- protocol information +- Unauthenticated file upload +- Cookie contents +- SHA-1 hashed passwords + +As an Unauthenticated user it's also possible to: +- Create forms +- Get servlets status +- Get certain configuration files + +Reference: https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/ + +Date of last update: Oct 7, 2019 + + +## iis-systemweb.txt +Use for: Fuzzing the `/aspnet_client/system_web/` directory on [Microsoft IIS](https://www.iis.net/) servers to detect **CGIs** and **scripts** even even if the two ladder directories are inaccessible. + +Reference: https://github.com/irsdl/IIS-ShortName-Scanner +Discussion: https://github.com/danielmiessler/SecLists/pull/783 + +Date of last update: Jun 27, 2022 \ No newline at end of file From b2c0a853cdc0607d699c20dc082a4e79bb349725 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 19:29:11 -0300 Subject: [PATCH 07/11] feat(docs): Added documentation for 'JBoss.txt' wordlist --- Discovery/Web-Content/Web-Servers/README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Discovery/Web-Content/Web-Servers/README.md b/Discovery/Web-Content/Web-Servers/README.md index d9197da5..7103b05a 100644 --- a/Discovery/Web-Content/Web-Servers/README.md +++ b/Discovery/Web-Content/Web-Servers/README.md @@ -61,6 +61,4 @@ Date of last wordlist update: Feb 27, 2014 Use for: Fuzzing for common filepaths in webpages created with **[Apache Axis](https://axis.apache.org/axis/)** Date of the first release of Apache Axis: [2002-10-07](https://jbossas.jboss.org/downloads/) -Date of the last release of Apache Axis: 2006-04-22 - -Date of last wordlist update: Feb 27, 2014 \ No newline at end of file +Date of the last release of Apache Axis: 2006-04-22 \ No newline at end of file From ad5b80a49a6e6786cc054f9c887c1e2516559a6c Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 22:01:42 -0300 Subject: [PATCH 08/11] feat(docs): Added documentation for 'Microsoft-Forefront-Identity-Manager.txt' wordlist --- .../Microsoft-Forefront-Identity-Manager.txt} | 0 Discovery/Web-Content/Service-Specific/README.md | 11 +++++++++++ 2 files changed, 11 insertions(+) rename Discovery/Web-Content/{forefront-identity-management.txt => Service-Specific/Microsoft-Forefront-Identity-Manager.txt} (100%) create mode 100644 Discovery/Web-Content/Service-Specific/README.md diff --git a/Discovery/Web-Content/forefront-identity-management.txt b/Discovery/Web-Content/Service-Specific/Microsoft-Forefront-Identity-Manager.txt similarity index 100% rename from Discovery/Web-Content/forefront-identity-management.txt rename to Discovery/Web-Content/Service-Specific/Microsoft-Forefront-Identity-Manager.txt diff --git a/Discovery/Web-Content/Service-Specific/README.md b/Discovery/Web-Content/Service-Specific/README.md new file mode 100644 index 00000000..eda7acea --- /dev/null +++ b/Discovery/Web-Content/Service-Specific/README.md @@ -0,0 +1,11 @@ +# Service-Specific wordlists + +These wordlists are for testing specific web-based services. + +## Microsoft-Forefront-Identity-Manager.txt +Use for: Fuzzing for common filepaths in **[Microsoft Forefront Identity Manager](https://learn.microsoft.com/en-us/previous-versions/windows/desktop/forefront-2010/ee652374(v=vs.100)) deployments.** + +Date of the first release of Microsoft Forefront Identity Manager: [2010-05-27](https://learn.microsoft.com/en-us/lifecycle/products/?terms=forefront%20identity) +Date of the last release of Microsoft Forefront Identity Manager: 2013-01-15 + +Date of last wordlist update: May 14, 2020 \ No newline at end of file From b007254bdf39568343c0c857bfcfdf0eca3764d5 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 05:54:30 -0300 Subject: [PATCH 09/11] feat(docs): Added documentation for 'Oracle-EBS-wordlist.txt' wordlist --- Discovery/Web-Content/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index 3ec0a756..2329ff97 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -169,4 +169,4 @@ Use for: Fuzzing the `/aspnet_client/system_web/` directory on [Microsoft IIS](h Reference: https://github.com/irsdl/IIS-ShortName-Scanner Discussion: https://github.com/danielmiessler/SecLists/pull/783 -Date of last update: Jun 27, 2022 \ No newline at end of file +Date of last update: Jun 27, 2022 From 0b453325ab861a7ca5bdb34539667bc8fe86f1c9 Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 20:54:46 -0300 Subject: [PATCH 10/11] feat(docs): Moved programming-language-specific wordlists into their own directory --- .../ASP.NET/CommonBackdoors-ASP.fuzz.txt} | 0 .../ASP.NET/ELMAH-Debugger.txt} | 0 .../{ => Programming-Language-Specific}/Common-PHP-Filenames.txt | 0 .../CommonBackdoors-JSP.fuzz.txt} | 0 .../CommonBackdoors-PHP.fuzz.txt} | 0 .../CommonBackdoors-PL.fuzz.txt} | 0 .../Web-Content/{ => Programming-Language-Specific}/PHP.fuzz.txt | 0 .../Web-Content/{ => Programming-Language-Specific}/golang.txt | 0 Discovery/Web-Content/{ => Programming-Language-Specific}/ror.txt | 0 9 files changed, 0 insertions(+), 0 deletions(-) rename Discovery/Web-Content/{CommonBackdoors-ASP.txt => Programming-Language-Specific/ASP.NET/CommonBackdoors-ASP.fuzz.txt} (100%) rename Discovery/Web-Content/{elmah.txt => Programming-Language-Specific/ASP.NET/ELMAH-Debugger.txt} (100%) mode change 100755 => 100644 rename Discovery/Web-Content/{ => Programming-Language-Specific}/Common-PHP-Filenames.txt (100%) rename Discovery/Web-Content/{CommonBackdoors-JSP.txt => Programming-Language-Specific/CommonBackdoors-JSP.fuzz.txt} (100%) rename Discovery/Web-Content/{CommonBackdoors-PHP.txt => Programming-Language-Specific/CommonBackdoors-PHP.fuzz.txt} (100%) rename Discovery/Web-Content/{CommonBackdoors-PL.txt => Programming-Language-Specific/CommonBackdoors-PL.fuzz.txt} (100%) rename Discovery/Web-Content/{ => Programming-Language-Specific}/PHP.fuzz.txt (100%) rename Discovery/Web-Content/{ => Programming-Language-Specific}/golang.txt (100%) rename Discovery/Web-Content/{ => Programming-Language-Specific}/ror.txt (100%) diff --git a/Discovery/Web-Content/CommonBackdoors-ASP.txt b/Discovery/Web-Content/Programming-Language-Specific/ASP.NET/CommonBackdoors-ASP.fuzz.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-ASP.txt rename to Discovery/Web-Content/Programming-Language-Specific/ASP.NET/CommonBackdoors-ASP.fuzz.txt diff --git a/Discovery/Web-Content/elmah.txt b/Discovery/Web-Content/Programming-Language-Specific/ASP.NET/ELMAH-Debugger.txt old mode 100755 new mode 100644 similarity index 100% rename from Discovery/Web-Content/elmah.txt rename to Discovery/Web-Content/Programming-Language-Specific/ASP.NET/ELMAH-Debugger.txt diff --git a/Discovery/Web-Content/Common-PHP-Filenames.txt b/Discovery/Web-Content/Programming-Language-Specific/Common-PHP-Filenames.txt similarity index 100% rename from Discovery/Web-Content/Common-PHP-Filenames.txt rename to Discovery/Web-Content/Programming-Language-Specific/Common-PHP-Filenames.txt diff --git a/Discovery/Web-Content/CommonBackdoors-JSP.txt b/Discovery/Web-Content/Programming-Language-Specific/CommonBackdoors-JSP.fuzz.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-JSP.txt rename to Discovery/Web-Content/Programming-Language-Specific/CommonBackdoors-JSP.fuzz.txt diff --git a/Discovery/Web-Content/CommonBackdoors-PHP.txt b/Discovery/Web-Content/Programming-Language-Specific/CommonBackdoors-PHP.fuzz.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-PHP.txt rename to Discovery/Web-Content/Programming-Language-Specific/CommonBackdoors-PHP.fuzz.txt diff --git a/Discovery/Web-Content/CommonBackdoors-PL.txt b/Discovery/Web-Content/Programming-Language-Specific/CommonBackdoors-PL.fuzz.txt similarity index 100% rename from Discovery/Web-Content/CommonBackdoors-PL.txt rename to Discovery/Web-Content/Programming-Language-Specific/CommonBackdoors-PL.fuzz.txt diff --git a/Discovery/Web-Content/PHP.fuzz.txt b/Discovery/Web-Content/Programming-Language-Specific/PHP.fuzz.txt similarity index 100% rename from Discovery/Web-Content/PHP.fuzz.txt rename to Discovery/Web-Content/Programming-Language-Specific/PHP.fuzz.txt diff --git a/Discovery/Web-Content/golang.txt b/Discovery/Web-Content/Programming-Language-Specific/golang.txt similarity index 100% rename from Discovery/Web-Content/golang.txt rename to Discovery/Web-Content/Programming-Language-Specific/golang.txt diff --git a/Discovery/Web-Content/ror.txt b/Discovery/Web-Content/Programming-Language-Specific/ror.txt similarity index 100% rename from Discovery/Web-Content/ror.txt rename to Discovery/Web-Content/Programming-Language-Specific/ror.txt From a71fc0807e8c0139708262807439b6d86a02c09d Mon Sep 17 00:00:00 2001 From: "Ignacio J. Perez Portal" <5990@protonmail.com> Date: Wed, 9 Oct 2024 17:42:39 -0300 Subject: [PATCH 11/11] feat(docs): Moved Web-Server wordlists into their own directory --- Discovery/Web-Content/README.md | 42 ++----------------- .../Apache-Tomcat.txt} | 0 .../Apache.txt} | 0 .../Glassfish-Sun-Microsystems.txt} | 0 .../IIS-systemweb.txt} | 0 .../{ => Web-Servers}/IIS.fuzz.txt | 0 .../Java-Servlet-Runner-Adobe-JRun.txt} | 0 .../Oracle-Sun-iPlanet.txt} | 0 Discovery/Web-Content/Web-Servers/README.md | 6 ++- Discovery/Web-Content/apache.txt | 33 --------------- 10 files changed, 9 insertions(+), 72 deletions(-) rename Discovery/Web-Content/{tomcat.txt => Web-Servers/Apache-Tomcat.txt} (100%) rename Discovery/Web-Content/{Apache.fuzz.txt => Web-Servers/Apache.txt} (100%) rename Discovery/Web-Content/{Web-Server-Glassfish-Sun-Microsystems.txt => Web-Servers/Glassfish-Sun-Microsystems.txt} (100%) rename Discovery/Web-Content/{iis-systemweb.txt => Web-Servers/IIS-systemweb.txt} (100%) rename Discovery/Web-Content/{ => Web-Servers}/IIS.fuzz.txt (100%) rename Discovery/Web-Content/{Web-Server-Java-Servlet-Runner-Adobe-JRun.txt => Web-Servers/Java-Servlet-Runner-Adobe-JRun.txt} (100%) rename Discovery/Web-Content/{Web-Server-Oracle-Sun-iPlanet.txt => Web-Servers/Oracle-Sun-iPlanet.txt} (100%) delete mode 100644 Discovery/Web-Content/apache.txt diff --git a/Discovery/Web-Content/README.md b/Discovery/Web-Content/README.md index 2329ff97..2f3a0c97 100644 --- a/Discovery/Web-Content/README.md +++ b/Discovery/Web-Content/README.md @@ -10,14 +10,6 @@ Use for: Discovering sensitive filepaths of **Adobe ColdFusion** Creation date: Aug 27, 2012 No updates have been made to this wordlist since its creation. -## Apache.fuzz.txt -Use for: Discvering sensitive content in Apache web servers. -Date of last update: Jan 26, 2015 - -## ApacheTomcat.fuzz.txt -Use for: Discovering sensitive content in Apache Tomcat servers. -Date of last update: Dec 14, 2017 - ## CGI-HTTP-POST-Windows.fuzz.txt Use for: Exploiting various vulnerabilities in the now defunct WYSIWYG HTML editor and website administration tool, [Microsoft FrontPage](https://en.wikipedia.org/wiki/Microsoft_FrontPage) Source: https://github.com/deepak0401/Front-Page-Exploit @@ -111,36 +103,6 @@ Use for: Fuzzing for common filepaths in webpages designed with **[Microsoft Fro Year of the first release of Microsoft Frontpage: 1997 -Date of last update: Oct 14, 2010 - - -## Web-Server-Java-Servlet-Runner-Adobe-JRun -Use for: Fuzzing for common filepaths in webpages served with **[Java Servlet Runner (Adobe JRun)](https://adobe.fandom.com/wiki/JRun)** - -Year of the first release of Java Servlet Runner (Adobe JRun): 1997 -Year of the last release of Java Servlet Runner (Adobe JRun): 2007 - -Date of last update: Oct 14, 2010 - - -## Web-Server-Oracle-Sun-iPlanet.txt -Use for: Fuzzing for common filepaths in webpages served with **[Oracle Sun iPlanet](https://www.oracle.com/middleware/technologies/webtier.html)** - -Year of the first release of Sun-iPlanet (Adobe JRun): 1994 -Year of the last release of Sun-iPlanet (Adobe JRun): 2017 - -Date of last update: Oct 14, 2010 - - -## Web-Server-Glassfish-Sun-Microsystems.txt -Use for: Fuzzing for common filepaths in webpages served with **[Glassfish - Sun Microsystems](https://glassfish.org/)** - -Year of the first release of Glassfish: [2005](https://en.wikipedia.org/wiki/GlassFish) -Glassfish is still in recieving updates as of 2024. - -Date of last update: Oct 14, 2010 - - ## Oracle-EBS-wordlist.txt Use for: Fuzzing for common filepaths of [Oracle E-Business Suite](https://www.oracle.com/applications/ebusiness/) (EBS) version 11. @@ -163,6 +125,7 @@ Reference: https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telli Date of last update: Oct 7, 2019 +<<<<<<< HEAD ## iis-systemweb.txt Use for: Fuzzing the `/aspnet_client/system_web/` directory on [Microsoft IIS](https://www.iis.net/) servers to detect **CGIs** and **scripts** even even if the two ladder directories are inaccessible. @@ -170,3 +133,6 @@ Reference: https://github.com/irsdl/IIS-ShortName-Scanner Discussion: https://github.com/danielmiessler/SecLists/pull/783 Date of last update: Jun 27, 2022 +======= +Date of last update: Oct 14, 2010 +>>>>>>> 0a6cbb9c (feat(docs): Moved Web-Server wordlists into their own directory) diff --git a/Discovery/Web-Content/tomcat.txt b/Discovery/Web-Content/Web-Servers/Apache-Tomcat.txt similarity index 100% rename from Discovery/Web-Content/tomcat.txt rename to Discovery/Web-Content/Web-Servers/Apache-Tomcat.txt diff --git a/Discovery/Web-Content/Apache.fuzz.txt b/Discovery/Web-Content/Web-Servers/Apache.txt similarity index 100% rename from Discovery/Web-Content/Apache.fuzz.txt rename to Discovery/Web-Content/Web-Servers/Apache.txt diff --git a/Discovery/Web-Content/Web-Server-Glassfish-Sun-Microsystems.txt b/Discovery/Web-Content/Web-Servers/Glassfish-Sun-Microsystems.txt similarity index 100% rename from Discovery/Web-Content/Web-Server-Glassfish-Sun-Microsystems.txt rename to Discovery/Web-Content/Web-Servers/Glassfish-Sun-Microsystems.txt diff --git a/Discovery/Web-Content/iis-systemweb.txt b/Discovery/Web-Content/Web-Servers/IIS-systemweb.txt similarity index 100% rename from Discovery/Web-Content/iis-systemweb.txt rename to Discovery/Web-Content/Web-Servers/IIS-systemweb.txt diff --git a/Discovery/Web-Content/IIS.fuzz.txt b/Discovery/Web-Content/Web-Servers/IIS.fuzz.txt similarity index 100% rename from Discovery/Web-Content/IIS.fuzz.txt rename to Discovery/Web-Content/Web-Servers/IIS.fuzz.txt diff --git a/Discovery/Web-Content/Web-Server-Java-Servlet-Runner-Adobe-JRun.txt b/Discovery/Web-Content/Web-Servers/Java-Servlet-Runner-Adobe-JRun.txt similarity index 100% rename from Discovery/Web-Content/Web-Server-Java-Servlet-Runner-Adobe-JRun.txt rename to Discovery/Web-Content/Web-Servers/Java-Servlet-Runner-Adobe-JRun.txt diff --git a/Discovery/Web-Content/Web-Server-Oracle-Sun-iPlanet.txt b/Discovery/Web-Content/Web-Servers/Oracle-Sun-iPlanet.txt similarity index 100% rename from Discovery/Web-Content/Web-Server-Oracle-Sun-iPlanet.txt rename to Discovery/Web-Content/Web-Servers/Oracle-Sun-iPlanet.txt diff --git a/Discovery/Web-Content/Web-Servers/README.md b/Discovery/Web-Content/Web-Servers/README.md index 7103b05a..54726385 100644 --- a/Discovery/Web-Content/Web-Servers/README.md +++ b/Discovery/Web-Content/Web-Servers/README.md @@ -45,6 +45,7 @@ Use for: Fuzzing the `/aspnet_client/system_web/` directory on [Microsoft IIS](h Reference: https://github.com/irsdl/IIS-ShortName-Scanner Discussion: https://github.com/danielmiessler/SecLists/pull/783 +<<<<<<< HEAD Date of last update: Jun 27, 2022 @@ -61,4 +62,7 @@ Date of last wordlist update: Feb 27, 2014 Use for: Fuzzing for common filepaths in webpages created with **[Apache Axis](https://axis.apache.org/axis/)** Date of the first release of Apache Axis: [2002-10-07](https://jbossas.jboss.org/downloads/) -Date of the last release of Apache Axis: 2006-04-22 \ No newline at end of file +Date of the last release of Apache Axis: 2006-04-22 +======= +Date of last update: Jun 27, 2022 +>>>>>>> 0a6cbb9c (feat(docs): Moved Web-Server wordlists into their own directory) diff --git a/Discovery/Web-Content/apache.txt b/Discovery/Web-Content/apache.txt deleted file mode 100644 index 2ad47572..00000000 --- a/Discovery/Web-Content/apache.txt +++ /dev/null @@ -1,33 +0,0 @@ -.htaccess -.htpasswd -.meta -.web -access_log -cgi -cgi-bin -cgi-pub -cgi-script -dummy -error -error_log -htdocs -httpd -httpd.pid -icons -index.html -logs -manual -phf -printenv -server-info -server-status -status -test-cgi -tmp -~bin -~ftp -~nobody -~root -php.ini -mod_cluster-manager -balancer-manager