Backup_Repos/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists synced 2026-01-01 05:35:02 +01:00
Code Issues Projects Releases Wiki Activity
SecLists/Fuzzing
History
ItsIgnacioPortal 617ecd9393
chore(wordlist): Moved 'curl-protocols.txt' wordlist to the 'Fuzzing' directory 
fixes #1238
2025-08-10 16:56:16 -03:00
..
403
Amounts chore(wordlist): Re-sync rebase 2025-02-17 22:58:15 -03:00
Databases chore(wordlist): Moved polyglot sql injection wordlist into the 'SQLi' directory 2025-05-08 02:02:53 -03:00
Dates feat(wordlist): Added YYYY-MM-DD dates wordlists (PR #1217) 2025-06-21 19:50:42 -03:00
LFI feat(wordlist): Added /etc/apache2/.htpasswd to LFI fuzzing lists (PR #1223) 2025-06-29 12:19:43 -03:00
User-Agents
XSS chore(wordlist): Moved 'Polyglots' directory into the 'XSS' directory 2025-05-08 02:03:32 -03:00
0-999999-hashgen.py
1-4_all_letters_a-z.txt
3-digits-000-999.txt
4-digits-0000-9999.txt
5-digits-00000-99999.txt
6-digits-000000-999999.txt
alphanum-case-extra.txt
alphanum-case.txt
big-list-of-naughty-strings.txt Update big-list-of-naughty-strings.txt 2025-03-02 07:10:51 +02:00
char.txt
command-injection-commix.txt
country-codes-lower-case.txt
country-codes-upper-case.txt
country-codes.txt
curl-protocols.txt chore(wordlist): Moved 'curl-protocols.txt' wordlist to the 'Fuzzing' directory 2025-08-10 16:56:16 -03:00
doble-uri-hex.txt
email-top-100-domains.txt
environment-identifiers.txt
extension-test.txt
extensions-Bo0oM.txt
extensions-compressed.fuzz.txt
extensions-most-common.fuzz.txt
extensions-skipfish.fuzz.txt
file-extensions-all-cases.txt
file-extensions-lower-case.txt
file-extensions-upper-case.txt
file-extensions.txt
FormatString-Jhaddix.txt
fully-qualified-java-classes.txt added 'fully-qualified-java-classes' to fuzzing lists 2024-09-09 20:12:36 +00:00
fuzz-Bo0oM-friendly.txt
fuzz-Bo0oM.txt
FuzzingStrings-SkullSecurity.org.txt
HTML5sec-Injections-Jhaddix.txt
http-request-methods.txt
IBMMQSeries-channels.txt
JSON.Fuzzing.txt
LDAP-active-directory-attributes.txt
LDAP-active-directory-classes.txt
LDAP-openldap-attributes.txt
LDAP-openldap-classes.txt
LDAP.Fuzzing.txt
login_bypass.txt Add files via upload 2024-10-21 10:23:13 +02:00
Metacharacters.fuzzdb.txt
numeric-fields-only.txt
os-names-mutated.txt
os-names.txt
php-magic-methods.txt
README.md fix(docs): Improved formatting on the fuzzing README.md 2025-01-25 07:10:59 -03:00
special-chars + urlencoded.txt Add files via upload 2024-10-21 10:28:09 +02:00
special-chars.txt
SSI-Injection-Jhaddix.txt
template-engines-expression.txt
template-engines-special-vars.txt
Unicode.txt
UnixAttacks.fuzzdb.txt
URI-hex.txt
URI-XSS.fuzzdb.txt
Windows-Attacks.fuzzdb.txt
XML-FUZZ.txt
XXE-Fuzzing.txt

README.md

0-999999-hashgen.py

This tool generates a list of hashes for all numbers from 0 to 999999, and stores them in 0_999999_hashes.txt. The resulting file is aproximately 600MB in size.

The hashes it generates are:

  • MD5
  • SHA-1
  • SHA-224
  • SHA-256
  • SHA-384
  • SHA-512
  • SHA-3-256
  • BLAKE2b

URI-XSS.fuzzdb.txt

Use for: Fuzzing for XSS vulnerabilities in URIs Source: JBroFuzz

fully-qualified-java-classes.txt

Use for: Fuzzing URL parameters in web applications to test for deserialisation and type confusion vulnerabilities.