mirror of
https://github.com/danielmiessler/SecLists
synced 2025-12-14 21:04:15 +01:00
| .. | ||
| trickest-cms-wordlist | ||
| Adobe-AEM_2021.txt | ||
| AdobeCQ-AEM_2017.txt | ||
| caobox-cms.txt | ||
| cms-configuration-files.txt | ||
| ColdFusion.fuzz.txt | ||
| Django.txt | ||
| dotnetnuke.txt | ||
| drupal-themes.fuzz.txt | ||
| Drupal.txt | ||
| flyspray-1.0RC4.txt | ||
| joomla-plugins.fuzz.txt | ||
| joomla-themes.fuzz.txt | ||
| kentico-cms-modules-themes.txt | ||
| liferay_dxp_default_portlets.txt | ||
| modx-revolution-plugins | ||
| php-nuke.fuzz.txt | ||
| piwik-3.0.4.txt | ||
| README.md | ||
| SAP.fuzz.txt | ||
| Sharepoint.fuzz.txt | ||
| sharepoint.txt | ||
| shopware.txt | ||
| sitecore | ||
| Sitefinity-fuzz.txt | ||
| sitemap-magento.txt | ||
| SiteMinder.fuzz.txt | ||
| symfony-315-demo.txt | ||
| symphony-267-xslt-cms.txt | ||
| Umbraco.fuzz.txt | ||
| Umbraco.txt | ||
| wordpress.fuzz.txt | ||
| wp-plugins.fuzz.txt | ||
| wp-themes.fuzz.txt | ||
CMS Wordlists
These wordlists are specific to Content Management Systems.
AdobeCQ-AEM_2017.txt
Use for: Discovering sensitive filepaths of Adobe Experience Manager Creation date: Oct 1, 2017 No updates have been made to this wordlist since its creation.
Oracle-EBS-wordlist.txt
Use for: Fuzzing for common filepaths of Oracle E-Business Suite (EBS) version 11.
EBS v11 exposes:
- usernames
- ports
- OS information
- protocol information
- Unauthenticated file upload
- Cookie contents
- SHA-1 hashed passwords
As an Unauthenticated user it's also possible to:
- Create forms
- Get servlets status
- Get certain configuration files
Reference: https://the-infosec.com/2017/03/29/do-you-know-what-your-erp-is-telling-us/
Date of last update: Oct 7, 2019