Backup_Repos/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists synced 2026-04-21 06:25:01 +02:00
Code Issues Projects Releases Wiki Activity
1507 commits 2 branches 31 tags 2.3 GiB
Commit graph

495 commits

Author SHA1 Message Date
g0tmi1k
517c44b24e
Merge pull request #808 from InTruder-Sec/master 
Added more API directories for web application  enumeration
 2022-11-22 12:10:51 +00:00
g0tmi1k
2ce0271683
Merge pull request #807 from righettod/feature_update_springboot 
[spring-boot.txt] Add new endpoints

- https://docs.spring.io/spring-boot/docs/current/reference/html/application-properties.html#application-properties.actuator.management.server.base-path
- https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints
 2022-11-22 12:09:25 +00:00
g0tmi1k
76d436287d
Merge pull request #805 from its0x08/patch-1 
chore: Add WEB-INF list

Source:
- https://gist.github.com/harisec/519dc6b45c6b594908c37d9ac19edbc3
- https://github.com/projectdiscovery/nuclei-templates/blob/master/vulnerabilities/generic/generic-j2ee-lfi.yaml
- https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LFIModule.java
 2022-11-22 12:08:32 +00:00
g0tmi1k
ad20e71dbc
Merge pull request #801 from righettod/feature_adobe_aem 
[AdobeCQ-AEM.txt] Cleanup and enrichment.

Source: 

- https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/getting-started/security-checklist.html#restrict-access
- https://experienceleague.adobe.com/docs/experience-manager-dispatcher/using/configuring/dispatcher-configuration.html?lang=en#testing-dispatcher-security
 2022-11-22 12:05:49 +00:00
g0tmi1k
2752f1bf21
Merge pull request #746 from cyberpathogen2018/patch-1 
Fixed typo on line 26

Source: https://www.acunetix.com/blog/articles/a-fresh-look-on-reverse-proxy-related-attacks/
 2022-11-22 12:00:42 +00:00
g0tmi1k
8d08bb324d
Merge pull request #798 from rodnt/patch-1 
Spring Boot RCE involving JMX enabled

Source: https://github.com/pyn3rd/Spring-Boot-Vulnerability#0x05-spring-boot-rce-involving-jmx-enabled
 2022-11-22 11:58:45 +00:00
0x08
a218cf1a62
Merge branch 'danielmiessler:master' into patch-1 2022-10-14 15:04:02 +03:00
0x08
9aa9cbe8d8
chore: Add entry to the README.md 2022-09-11 20:29:45 +03:00
Deep Dhakate
e987cfe049
Update README.md 2022-09-09 16:51:28 +05:30
Deep Dhakate
d923f12bc2
Update README.md 2022-09-08 13:08:14 +05:30
Deep Dhakate
ec1bc6a782
Add files via upload 2022-09-08 13:05:55 +05:30
Dominique RIGHETTO
94f9cd4103
Add missing ones from last doc versions 2022-09-05 18:29:15 +02:00
Dominique RIGHETTO
390477fdc5
Add endpoints 2022-09-05 18:19:14 +02:00
GitHub Action
62e98b2e6b [Github Action] Updated awesome-environment-variable-names.txt 2022-09-01 00:11:48 +00:00
0x08
a8b1094090
chore: Add WEB-INF list 
## Add `WEB-INF` list.
Used to test LFI on j2ee webapps.
### Reference: 
- [https://gist.github.com/harisec/519dc6b45c6b594908c37d9ac19edbc3](https://gist.github.com/harisec/519dc6b45c6b594908c37d9ac19edbc3)
- [https://github.com/projectdiscovery/nuclei-templates/blob/master/vulnerabilities/generic/generic-j2ee-lfi.yaml](https://github.com/projectdiscovery/nuclei-templates/blob/master/vulnerabilities/generic/generic-j2ee-lfi.yaml)
- [https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LFIModule.java](https://github.com/ilmila/J2EEScan/blob/master/src/main/java/burp/j2ee/issues/impl/LFIModule.java)
 2022-08-30 22:26:05 +03:00
Dominique RIGHETTO
dadb6f6ebc
Cleanup and enhancement 2022-08-08 18:28:59 +02:00
Rodolfo Tavares
2a5e2b03a9
Spring Boot RCE involving JMX enabled 
Extracted from https://github.com/pyn3rd/Spring-Boot-Vulnerability#0x05-spring-boot-rce-involving-jmx-enabled
 2022-08-03 12:18:24 -03:00
GitHub Action
ef791ad197 [Github Action] Updated combined_directories.txt 2022-08-02 09:54:34 +00:00
g0tmi1k
67887612d7
Merge pull request #777 from ItsIgnacioPortal/fawesome-secrets 
Added awesome-environment-variable-names.txt and an auto-updater github action

Source: https://github.com/Puliczek/awesome-list-of-secrets-in-environment-variables
 2022-08-02 07:16:39 +01:00
g0tmi1k
507b65ef47
Merge pull request #701 from chashtag/master 
Added more PHP web shells
 2022-08-02 07:15:37 +01:00
g0tmi1k
4b2f826fed
Merge pull request #713 from TheQmaks/master 
ISPSystem BillManager - list of api endpoints for hostings penetration tests

Source: https://docs.ispsystem.com/billmanager/developer-section/billmanager-api
 2022-08-02 06:57:38 +01:00
g0tmi1k
20903ee7d8
Merge pull request #756 from ScreaMy7/master 
List of TLDs.

Source:

https://data.iana.org/TLD/tlds-alpha-by-domain.txt
https://tld-list.com/tlds-from-a-z
https://raw.githubusercontent.com/jdgregson/TLD-List/master/newline-separated-tlds.txt
 2022-08-02 06:48:14 +01:00
g0tmi1k
593324addc
Merge pull request #767 from shelld3v/patch-10 
Update dirsearch.txt
 2022-08-02 06:45:45 +01:00
GitHub Action
1ef4dcb96e [Github Action] Updated combined_words.txt 2022-08-02 05:34:58 +00:00
g0tmi1k
ce9f9588b7
Merge pull request #776 from ItsIgnacioPortal/fVersioning-systems 
raft-small-words.txt: Added more source code versioning systems

Source: https://nitter.kavin.rocks/intigriti/status/1533050946212839424
 2022-08-02 06:33:45 +01:00
g0tmi1k
348b6f3f88
Merge pull request #778 from ItsIgnacioPortal/i768 
Fixes #768: Created combined_subdomains.txt and appended "preprod-payroll" to it.
 2022-08-02 06:32:57 +01:00
g0tmi1k
ddd078f4ab
Merge pull request #781 from J-GainSec/patch-1 
Create top-apk-params.txt

Source: 

https://gist.github.com/nullenc0de/be4d0ac216ee4fecab5493555089b28d

https://twitter.com/nullenc0de/status/1425973675715612672

https://gist.github.com/nullenc0de/e9d1f2a8a0a38c9bfcb5bdb9fc7191ea
 2022-08-02 06:28:30 +01:00
g0tmi1k
b949a69cca
Merge pull request #782 from J-GainSec/patch-2 
Create sharepoint.txt

Source: https://github.com/GainSec/TreeHouse-Wordlists/blob/master/Microsoft%20SharePoint.txt
 2022-08-02 06:26:49 +01:00
g0tmi1k
baa6e8599b
Merge pull request #783 from J-GainSec/patch-3 
Create iis-systemweb.txt

Source: https://github.com/GainSec/TreeHouse-Wordlists/blob/master/IIS_Systemweb_fuzz-WL.txt
 2022-08-02 06:25:56 +01:00
g0tmi1k
7fb9827bfc
Merge pull request #784 from J-GainSec/patch-4 
Create forefront-identity-management

Source: https://raw.githubusercontent.com/GainSec/TreeHouse-Wordlists/master/Microsoft-Forefront-Identity-Management-2010.txt
 2022-08-02 06:25:23 +01:00
g0tmi1k
1ebd15c9e5
Merge pull request #786 from J-GainSec/patch-5 
Create uri-from-top-55-most-popular-apps.txt

Source:

https://github.com/danielmiessler/SecLists/pull/781#issuecomment-1168353194

https://twitter.com/nullenc0de/status/1425973675715612672

https://gist.github.com/nullenc0de/e9d1f2a8a0a38c9bfcb5bdb9fc7191ea
 2022-08-02 06:22:46 +01:00
Dominique RIGHETTO
20cb80229b
Add ssh key file name 2022-08-02 06:19:51 +02:00
GitHub Action
51bad1c320 [Github Action] Updated combined_words.txt 2022-08-01 23:11:39 +00:00
Wouter Kobes
f752b04a32 Adds activation to common.txt 2022-07-23 16:42:03 +02:00
J-GainSec
cda67688e9
Update uri-from-top-55-most-popular-apps.txt 
Removed a few useless entries
 2022-06-29 11:10:56 +02:00
J-GainSec
76fbcb2289
Update sharepoint-ennumeration.txt 
Removed any entries with // or /// and reran uniq
 2022-06-29 11:00:16 +02:00
J-GainSec
cccdb40cef
Update sharepoint-ennumeration.txt 
Removed double slashes
 2022-06-28 21:34:27 +02:00
J-GainSec
00cb49844d
Update and rename sharepoint.txt to sharepoint-ennumeration.txt 
Changed name
 2022-06-28 21:32:55 +02:00
J-GainSec
77e7ea50cf
Update uri-from-top-55-most-popular-apps.txt 
Removed leading slashes.
 2022-06-28 21:30:54 +02:00
J-GainSec
0a09279658
Rename forefront-identity-management to forefront-identity-management.txt 2022-06-28 15:37:41 +02:00
J-GainSec
944a8deaf0
Create uri-from-top-55-most-popular-apps.txt 
Removed trailing slashes
 2022-06-28 15:17:38 +02:00
J-GainSec
8cf0fbdc71
Update and rename top-apk-params.txt to url-params_from-top-55-most-popular-apps.txt 
Updated name
 2022-06-28 15:15:08 +02:00
J-GainSec
06b0cddb2a
Create forefront-identity-management 
Sourced from https://raw.githubusercontent.com/GainSec/TreeHouse-Wordlists/master/Microsoft-Forefront-Identity-Management-2010.txt

Wordlist for Microsoft Forefront Identity Management 2010
 2022-06-27 19:25:35 +02:00
J-GainSec
6a191793da
Create iis-systemweb.txt 
Sourced from https://github.com/GainSec/TreeHouse-Wordlists/blob/master/IIS_Systemweb_fuzz-WL.txt

A IIS /system_web/ wordlist.
 2022-06-27 19:20:19 +02:00
J-GainSec
051d84c9e7
Create sharepoint.txt 
Sourced from https://github.com/GainSec/TreeHouse-Wordlists/blob/master/Microsoft%20SharePoint.txt

A Microsoft Sharepoint wordlist
 2022-06-27 19:18:05 +02:00
J-GainSec
9a6b80ed19
Create top-apk-params.txt 
Parameters from the Top 55 Android applications.
 2022-06-27 19:06:01 +02:00
PinkDev1
1cbee5afc8 Fixed #768: Created combined_subdomains.txt and appended "preprod-payroll" to it 2022-06-23 23:03:53 -03:00
PinkDev1
baaec330cf Added awesome-environment-variable-names.txt and an auto-updater github action 2022-06-23 21:55:49 -03:00
PinkDev1
ba70a134d9 raft-small-words.txt: Added more source code versioning systems 
Source: https://nitter.kavin.rocks/intigriti/status/1533050946212839424
 2022-06-23 19:36:36 -03:00
Pham Sy Minh
355b691d5e
Update dirsearch.txt 2022-06-18 13:52:57 +07:00