Backup_Repos/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists synced 2026-01-06 16:20:06 +01:00
Code Issues Projects Releases Wiki Activity
SecLists/Discovery/Web-Content
History
ItsIgnacioPortal 562b8dd0d6 fix(wordlist): Renamed 'proxy-conf.fuzz.txt' to 'Proxy-Auto-Configuration-Files.txt'
2025-02-21 22:59:10 -03:00
..
api Revert "feat(docs): Improve readme files for better clarity and usage examples" 2025-01-24 22:16:31 -03:00
BurpSuite-ParamMiner Rename "_" -> "-" & found a few new homes 2018-10-15 13:08:10 +01:00
CMS fix(wordlist): renamed wordlist 'Sharepoint.fuzz.txt' to 'Sharepoint.txt' 2025-02-21 20:59:15 -03:00
Domino-Hunter Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
dutch Removed offensive/harmful entries in files. 2024-03-29 12:29:53 -07:00
File-Extensions-Universal-SVNDigger-Project feat(docs): Renamed 'SVNDigger' folder to a more descriptive folder name 2025-02-21 20:15:56 -03:00
LEGACY-SERVICES feat(docs): Added criteria for the LEGACY-SERVICES category 2025-02-21 21:01:10 -03:00
Programming-Language-Specific fix(docs): Moved 'spring-boot.txt' into the Programming-Language-Specific directory 2025-02-21 20:41:24 -03:00
Service-Specific fix(wordlist): Moved 'websphere.txt' into 'Service-Specific\IBM-WebSphere-Application-Server.txt' 2025-02-21 22:42:42 -03:00
trickest-robots-disallowed-wordlists [Github Action] Automated trickest wordlists update. 2025-02-17 19:03:15 +00:00
URLs Revert "feat(docs): Improve readme files for better clarity and usage examples" 2025-01-24 22:16:31 -03:00
Web-Servers fix(wordlist): renamed wordlist 'IIS.fuzz.txt' to 'IIS.txt' 2025-02-21 20:58:54 -03:00
AdobeXML.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
big.txt Merge pull request #1073 from newyork167/master 2024-11-20 10:08:16 +00:00
burp-parameter-names.txt Sync with param-miner master repo 2022-04-10 10:04:13 +02:00
coldfusion.txt standardisze line endings 2020-05-27 14:10:50 +01:00
combined_directories.txt Added gem/rack better errors 2024-08-14 17:11:52 -04:00
combined_words.txt Added gem/rack better errors 2024-08-14 17:11:52 -04:00
common-and-dutch.txt Adds activation to common.txt 2022-07-23 16:42:03 +02:00
common-and-french.txt
common-and-italian.txt
common-and-portuguese.txt renamed to correct name 2020-04-07 08:52:35 -03:00
common-and-spanish.txt
common-api-endpoints-mazen160.txt
Common-DB-Backups.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
common.txt feat(wordlist): Add filepaths for testing Single-page applications. (#1159) 2025-02-07 13:40:08 -03:00
common_directories.txt feat(wordlist): created 'common_directories.txt' wordlist 2024-09-10 22:52:36 -03:00
default-web-root-directory-linux.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
default-web-root-directory-windows.txt Quick move about 2018-03-21 17:47:29 +00:00
directory-list-1.0.txt Discovery: Fix spelling and hyphenate some words 2021-03-13 23:23:27 +01:00
directory-list-2.3-big.txt Removed offensive/harmful entries in files. 2024-03-29 12:29:53 -07:00
directory-list-2.3-medium.txt Removed offensive/harmful entries in files. 2024-03-29 12:29:53 -07:00
directory-list-2.3-small.txt Discovery: Fix spelling and hyphenate some words 2021-03-13 23:23:27 +01:00
directory-list-lowercase-2.3-big.txt Discovery: Fix spelling and hyphenate some words 2021-03-13 23:23:27 +01:00
directory-list-lowercase-2.3-medium.txt Discovery: Fix spelling and hyphenate some words 2021-03-13 23:23:27 +01:00
directory-list-lowercase-2.3-small.txt Discovery: Fix spelling and hyphenate some words 2021-03-13 23:23:27 +01:00
domino-dirs-coldfusion39.txt Close #291 - Fix encoding issues 2019-05-08 11:04:00 +01:00
domino-endpoints-coldfusion39.txt merged two domino endpoints files 2018-12-11 04:01:38 +02:00
dsstorewordlist.txt Added dsstorewordlist.txt 2022-11-08 19:15:13 -03:00
graphql.txt add ___graphql to Discovery/Web-Content/graphql.txt,https://github.com/danielmiessler/SecLists/issues/642 2021-08-28 11:44:02 +08:00
hashicorp-consul-api.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
hashicorp-vault.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
HTTP-POST-Microsoft.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
JavaScript-Miners.txt
JavaServlets-Common.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
LinuxFileList.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
Logins.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
Microsoft-Frontpage.txt fix(wordlist): renamed wordlist 'Frontpage.fuzz.txt' to 'Microsoft-Frontpage.txt' 2025-02-18 01:48:56 -03:00
netware.txt
ntlm-directories.txt Create ntlm-directories.txt 2024-03-30 17:28:41 +01:00
oauth-oidc-scopes.txt Added a couple of scopes 2021-10-18 01:36:33 +00:00
Oracle9i.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
OracleAppServer.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
Passwords.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
Proxy-Auto-Configuration-Files.txt fix(wordlist): Renamed 'proxy-conf.fuzz.txt' to 'Proxy-Auto-Configuration-Files.txt' 2025-02-21 22:59:10 -03:00
Public-Source-Repo-Issues.json Rename Public-Source-Repo-Issues.txt to Public-Source-Repo-Issues.json 2020-05-24 13:07:50 +02:00
quickhits.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
raft-large-directories-lowercase.txt Typos 2023-09-23 09:15:11 +02:00
raft-large-directories.txt Typos 2023-09-23 09:15:11 +02:00
raft-large-extensions-lowercase.txt Add server.js extension 2022-12-22 15:09:37 +00:00
raft-large-extensions.txt Add server.js extension 2022-12-22 15:09:37 +00:00
raft-large-files-lowercase.txt Typos 2023-09-23 09:15:11 +02:00
raft-large-files.txt Typos 2023-09-23 09:15:11 +02:00
raft-large-words-lowercase.txt
raft-large-words.txt Fix #259 - Recover from bad merge 2019-01-07 15:40:56 +00:00
raft-medium-directories-lowercase.txt strip trailing whitespace 2020-05-27 14:26:51 +01:00
raft-medium-directories.txt strip trailing whitespace 2020-05-27 14:26:51 +01:00
raft-medium-extensions-lowercase.txt Add server.js extension 2022-12-22 15:09:37 +00:00
raft-medium-extensions.txt Add server.js extension 2022-12-22 15:09:37 +00:00
raft-medium-files-lowercase.txt Add waybackverify.txt filename to raft medium and large lists 2021-07-13 13:09:49 +02:00
raft-medium-files.txt Add waybackverify.txt filename to raft medium and large lists 2021-07-13 13:09:49 +02:00
raft-medium-words-lowercase.txt
raft-medium-words.txt Update raft-medium-words.txt 2023-10-05 11:54:47 +02:00
raft-small-directories-lowercase.txt strip trailing whitespace 2020-05-27 14:26:51 +01:00
raft-small-directories.txt strip trailing whitespace 2020-05-27 14:26:51 +01:00
raft-small-extensions-lowercase.txt
raft-small-extensions.txt
raft-small-files-lowercase.txt
raft-small-files.txt
raft-small-words-lowercase.txt
raft-small-words.txt raft-small-words.txt: Added more source code versioning systems 2022-06-23 19:36:36 -03:00
README.md feat(docs): Added documentation for the 'graphql.txt' wordlist 2025-02-21 21:14:50 -03:00
reverse-proxy-inconsistencies.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
Roundcube-123.txt
rssfeed-files.txt Add files via upload 2024-07-04 07:57:17 +02:00
sap-analytics-cloud.txt Add files via upload 2023-03-09 13:38:45 +01:00
SAP-NetWeaver.txt fix(wordlist): Renamed 'sap.txt' to 'SAP-NetWeaver.txt' 2025-02-21 22:34:57 -03:00
SOAP-functions.txt feat(docs): Removed mis-categorized 'Web-Services' folder 2025-02-18 02:58:14 -03:00
tftp.fuzz.txt
UnixDotfiles.fuzz.txt Standardize leading slases in web conent 2023-05-18 23:55:53 +12:00
uri-from-top-55-most-popular-apps.txt Update uri-from-top-55-most-popular-apps.txt 2022-06-29 11:10:56 +02:00
url-params_from-top-55-most-popular-apps.txt Update and rename top-apk-params.txt to url-params_from-top-55-most-popular-apps.txt 2022-06-28 15:15:08 +02:00
versioning_metafiles.txt Create versioning_metafiles.txt 2021-02-20 20:41:53 +01:00
vulnerability-scan_j2ee-websites_WEB-INF.txt chore: Renamed "WEB-INF-dict.txt" to "vulnerability-scan_j2ee-websites_WEB-INF.txt" 2023-03-17 04:13:03 -03:00
web-all-content-types.txt Merge branch 'master' into sync 2024-12-20 02:45:55 -03:00
web-extensions-big.txt Added .vue file extension at web-extensions-big, reference : https://vuejs.org/api/sfc-spec 2024-11-22 06:46:22 +08:00
web-extensions.txt added .json 2024-11-11 02:15:04 +08:00
web-mutations.txt Add VIM and NANO backup file 2019-10-11 15:55:38 +02:00
wso2-enterprise-integrator.txt added wso2 api manager endpoint /services/WorkflowCallbackService?wsdl 2023-09-20 20:18:49 +02:00

README.md

Web discovery wordlists

AdobeXML.fuzz.txt

Use for: Discovering sensitive filepaths of Adobe ColdFusion

Creation date: Aug 27, 2012

No updates have been made to this wordlist since its creation.

raft-* wordlists

Use for: Directory and file brute-forcing leading to identification of vulnerabilities in web applications.

Source: Google's RAFT

combined_words.txt

Use for: discovering files
This list is automatically updated by a github action whenever any of the lists it's composed by is modified.

This list is a combination of the following wordlists:

  • big.txt
  • common.txt
  • raft-large-words-lowercase.txt
  • raft-large-words.txt
  • raft-medium-words-lowercase.txt
  • raft-medium-words.txt
  • raft-small-words-lowercase.txt
  • raft-small-words.txt

combined_directories.txt

Use for: discovering files and directories

This list is automatically updated by a github action whenever any of the lists it's composed by is modified.

These are the wordlists that compose this wordlist:

  • apache.txt
  • combined_words.txt
  • directory-list-1.0.txt
  • directory-list-2.3-big.txt
  • directory-list-2.3-medium.txt
  • directory-list-2.3-small.txt
  • raft-large-directories-lowercase.txt
  • raft-large-directories.txt
  • raft-medium-directories-lowercase.txt
  • raft-medium-directories.txt
  • raft-small-directories-lowercase.txt
  • raft-small-directories.txt
  • common_directories.txt

Usage

Use for: discovering files and directories

Source

This list is automatically updated by a GitHub action whenever any of the lists it's composed by is modified.

dsstorewordlist.txt

SOURCE: https://github.com/aels/subdirectories-discover

Perfect wordlist to discover directories and files on target site with tools like ffuf.

  • It was collected by parsing Alexa top-million sites for .DS_Store files (https://en.wikipedia.org/wiki/.DS_Store), extracting all the found files, and then extracting found file and directory names from around 300k real websites.
  • Then sorted by probability and removed strings with one occurrence.
  • resulted file you can download is below. Happy Hunting!

vulnerability-scan_j2ee-websites_WEB-INF.txt

Use for: discovering sensitive j2ee files exploiting a lfi

References:

Microsoft-Frontpage.txt

Use for: Fuzzing for common filepaths in webpages designed with Microsoft Frontpage

Year of the first release of Microsoft Frontpage: 1997 Year of the last release of Microsoft Frontpage: 2003

Date of last update: Oct 14, 2010

graphql.txt

Use for: Fuzzing for common filepaths in webpages that use the GraphQL Query Language