admin/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists.git synced 2025-06-08 14:07:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
739 Commits 2 Branches 29 Tags
Commit Graph

739 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
g0tmi1k
162c2ee368
Merge pull request #328 from hisxo/patch-1 
Create symfony wordlist (for LFI/Path Traversal)

Source: https://github.com/hisxo/wordlist
 2019-08-13 04:36:15 -07:00
g0tmi1k
fd95031f64
Merge pull request #330 from denzuko/patch-2 
Create stupid-ones-in-production.txt
 2019-08-13 04:35:59 -07:00
g0tmi1k
aeeac3d7ef
Merge pull request #331 from ericrange/patch-2 
new config file locations
 2019-08-13 04:35:31 -07:00
Eric Range
93e236b118
Update quickhits.txt 2019-08-13 10:21:15 +02:00
Eric Range
a71d0b11fd
new config file locations 
config files for the "Damn Vulnerable Web Application (DVWA)" app.
 2019-08-13 10:18:39 +02:00
Dwight Spencer
23bf1c051f
Create stupid-ones-in-production.txt 2019-08-08 14:59:22 -05:00
BlackPearl01
07dd8118ad
Create symfony wordlist (for LFI/Path Traversal) 
Hello,

I created this wordlist because I had a Path Traversal vulnerability in an environment with Symfony. This wordlist has helped me a lot and I hope she can help others.

Adrien
 2019-08-03 22:01:45 +02:00
g0tmi1k
1f6c4c10bf
Merge pull request #326 from toxydose/patch-1 
add Dot CMS login endpoint

Source: https://dotcms.com/docs/latest/logging-into-dotcms
 2019-07-29 14:42:12 +01:00
Alexander Bridges
4cdabd6555
add Dot CMS login endpoint 
source: https://dotcms.com/docs/latest/logging-into-dotcms
 2019-07-28 02:57:16 +03:00
g0tmi1k
3c3fc7c89e
Merge pull request #325 from toxydose/patch-2 
add weevely.php shell endpoint

Source: https://tools.kali.org/maintaining-access/weevely
 2019-07-26 13:57:15 +01:00
Alexander Bridges
b0a709be71
add weevely.php shell endpoint 2019-07-26 14:55:28 +03:00
g0tmi1k
d99ade3d0c
Merge pull request #324 from Glassware123/patch-1 
Update vnc-betterdefaultpasslist.txt
 2019-07-26 12:32:38 +01:00
Anıl Baş
12170c487d
Update vnc-betterdefaultpasslist.txt 
It is one of the most common credentials
 2019-07-26 14:31:07 +03:00
g0tmi1k
3019f92124
Merge pull request #321 from toxydose/patch-1 
add /phpmyadmin/ endpoints
 2019-07-21 08:42:05 +01:00
Alexander Bridges
09e93df441
add /phpmyadmin/ endpoints 2019-07-20 23:56:12 +03:00
g0tmi1k
40eeff6fc5
Merge pull request #318 from mbiert/readme-git-path 
Fix git clone complete path
 2019-07-12 11:40:07 +01:00
Mic Biert
52e5d58046 Fix git clone complete path 2019-07-11 20:28:10 +02:00
g0tmi1k
fab1f77a7d
Merge pull request #317 from maxence-schmitt/patch-1 
Adding sha256 magic hash

Source: https://github.com/spaze/hashes/blob/master/README.md
 2019-07-11 14:48:53 +01:00
maxence-schmitt
6a8724a628
Adding sha256 magic hash 
More info: https://github.com/spaze/hashes/blob/master/README.md
 2019-07-11 15:47:42 +02:00
g0tmi1k
f0438d39e3
Merge pull request #316 from g0tmi1k/misc 
Close #154 - 1.4 billion password breach compilation wordlist
 2019-07-09 12:15:50 +01:00
g0tmi1k
11b967a88f Merge branch 'master' of https://github.com/danielmiessler/SecLists into misc 
# Conflicts:
#	Discovery/Infrastructure/common-router-ips.txt
 2019-07-09 12:15:28 +01:00
g0tmi1k
1d768dbf9a Clean up other file to match 2019-07-09 12:13:37 +01:00
g0tmi1k
465a00dbe0 Close #154 - 1.4 billion password breach compilation wordlist 2019-07-09 12:12:33 +01:00
g0tmi1k
f455dc518a Sort common-router-ip by pop 2019-07-09 12:06:25 +01:00
g0tmi1k
503c57f500
Merge pull request #314 from jakobhuss/patch-1 
Non valid ipv4
 2019-07-05 17:22:13 +01:00
g0tmi1k
c94bdb754c
Merge pull request #315 from toxydose/master 
Created Sitecore CMS wordlist + minor endpoint updates.

Sitecore CMS:  https://www.sitecore.com/

Sensitive endpoints: https://doc.sitecore.com/developers/90/platform-administration-and-architecture/en/deny-anonymous-users-access-to-a-folder.html

Sitecore docs:  
https://doc.sitecore.com/legacy-docs/SC72/sitecore-web-service-sc65-a4.pdf
https://doc.sitecore.com/SdnArchive/upload/sitecore7/75/sitecore_security_hardening_guide-sc75-usletter.pdf

Contains sensitive info
https://zellwk.com/blog/bower/
 2019-07-05 17:20:28 +01:00
Alexander Bridges
c5c705134f
Sitecore CMS endpoints 
#### Sources:

Sitecore CMS:  https://www.sitecore.com/

Sensitive endpoints: https://doc.sitecore.com/developers/90/platform-administration-and-architecture/en/deny-anonymous-users-access-to-a-folder.html

Sitecore docs:  
https://doc.sitecore.com/legacy-docs/SC72/sitecore-web-service-sc65-a4.pdf
https://doc.sitecore.com/SdnArchive/upload/sitecore7/75/sitecore_security_hardening_guide-sc75-usletter.pdf
 2019-07-05 19:14:54 +03:00
Alexander Bridges
eae5072a6e
add bower.json dependencies file 
Contains sensitive info
https://zellwk.com/blog/bower/
 2019-07-05 18:53:08 +03:00
Alexander Bridges
ee0e0b01a5
few login endpoints 2019-07-05 18:50:29 +03:00
jakobhuss
0c97bfa509
Non valid ipv4 2019-07-05 13:53:59 +02:00
g0tmi1k
c9a56c3fe0
Merge pull request #312 from g0tmi1k/richelieu 
Add richelieu
 2019-07-03 14:11:25 +01:00
g0tmi1k
ad53a28ba0 Rename a few filesto match 2019-07-03 14:11:00 +01:00
g0tmi1k
cb68eaf66a Add richelieu 
Source: https://github.com/tarraschk/richelieu
 2019-07-03 14:04:48 +01:00
g0tmi1k
e06b13d36d
Merge pull request #310 from waawaa/patch-1 
Missing paths with known RCE vulnerabilities

- https://www.exploit-db.com/exploits/46814
- https://www.exploit-db.com/exploits/43458
- https://paper.seebug.org/910/
- https://techblog.mediaservice.net/2018/07/cve-2017-10271-oracle-weblogic-server-remote-command-execution-sleep-detection-payload/
 2019-07-02 14:16:55 +01:00
waawaa
4a5f06c053
Missing paths with known RCE vulnerabilities 
Some paths are missing which have known RCE vulnerabilities
 2019-07-02 09:31:42 +02:00
g0tmi1k
b0cbe86a20
Merge pull request #306 from g0tmi1k/phpinfo 
Add a few more filenames

Based on https://anotherhackerblog.com/exploiting-file-uploads-pt1/
 2019-06-07 11:07:47 +01:00
g0tmi1k
4257643de8 Add a few more filenames 
based on https://anotherhackerblog.com/exploiting-file-uploads-pt1/
 2019-06-07 11:06:35 +01:00
g0tmi1k
23901ce7b6 Fix make-*.sh files 2019-06-07 10:59:39 +01:00
g0tmi1k
b5de230180
Merge pull request #305 from g0tmi1k/guardicore 
Add MSSQL from guardicore: labs_campaigns-Nansh0u

Source: https://github.com/guardicore/labs_campaigns/blob/master/Nansh0u/common_passwords.txt
Source: https://github.com/guardicore/labs_campaigns/blob/master/Nansh0u/common_usernames.txt
 2019-05-30 12:24:56 +01:00
g0tmi1k
6d1ff64270 Add MSSQL from guardicore: labs_campaigns-Nansh0u 
Source: https://github.com/guardicore/labs_campaigns/blob/master/Nansh0u/common_passwords.txt
Source: https://github.com/guardicore/labs_campaigns/blob/master/Nansh0u/common_usernames.txt
 2019-05-30 12:20:13 +01:00
g0tmi1k
28db64c6e2
Merge pull request #304 from g0tmi1k/xss 
Add XSS without parentheses and semi-colons

Source: https://portswigger.net/blog/xss-without-parentheses-and-semi-colons
 2019-05-22 12:18:18 +01:00
g0tmi1k
3fc464d156 Add XSS without parentheses and semi-colons 
Source: https://portswigger.net/blog/xss-without-parentheses-and-semi-colons
 2019-05-22 12:15:42 +01:00
g0tmi1k
a176d0ccff
Merge pull request #301 from g0tmi1k/Fixes 
Give credit where its due!
 2019-05-08 15:35:25 +01:00
g0tmi1k
1c84d5f112 Give credit where its due! 2019-05-08 12:46:39 +01:00
g0tmi1k
379fba7854
Merge pull request #300 from g0tmi1k/Fixes 
Better filenames
 2019-05-08 12:30:24 +01:00
g0tmi1k
c731e1c9aa Better filenames 2019-05-08 12:28:10 +01:00
g0tmi1k
37fce3b2c1
Merge pull request #299 from g0tmi1k/Fixes 
Source: https://github.com/chrislockard/api_wordlist
2019.2 		2019-05-08 12:22:50 +01:00
g0tmi1k
7f083ceb07 Close #217 - Add api_wordlist 
Source: https://github.com/chrislockard/api_wordlist
 2019-05-08 12:22:03 +01:00
g0tmi1k
782d018267 Cleaned up filename phpBB 2019-05-08 12:08:11 +01:00
g0tmi1k
9239f0a284 find . -name '*_*' -exec rename 's/_/-/g' "{}" \; 2019-05-08 11:54:39 +01:00