260 Commits

Author SHA1 Message Date
g0tmi1k
6e912c6116
Merge pull request #908 from ItsIgnacioPortal/i690
feat(wordlists): Added LFI wordlist "LFI-linux-and-windows_by-1N3@CrowdShield.txt".

Source: ec37930af3
2023-11-23 17:27:16 +00:00
g0tmi1k
6aff8b92e0
Merge pull request #912 from cosad3s/master
Update HTML tags & HTTP verbs
2023-11-23 17:24:04 +00:00
Mo Langning
1cdd4b9906
Update os-names-mutation.txt 2023-11-03 09:37:59 +08:00
Mo Langning
63b85cbdf1
Update os-names-mutation.txt 2023-11-03 09:33:14 +08:00
Mo Langning
31f04833aa
Os-names but with mutation 2023-11-03 09:29:09 +08:00
Mo Langning
764155f83f
Update os-names.txt
stripped extra space
space
2023-11-03 09:12:13 +08:00
Mo Langning
1588c54106
Create os-names.txt 2023-11-03 09:04:27 +08:00
Sébastien Copin
44e92240a7 Add HTTP verbs TRACK and DEBUG
Especially used in IIS servers.

Sources:
- https://nmap.org/nsedoc/scripts/http-aspnet-debug.html
- https://techcommunity.microsoft.com/t5/iis-support-blog/http-track-and-trace-verbs/ba-p/784482
2023-10-17 12:39:22 +02:00
Ignacio J. Perez Portal
306339aff6 feat(wordlist): Added LFI-linux-and-windows_by-1N3@CrowdShield.txt
This wordlist has duplicate lines removed, and normalized Windows paths
2023-10-10 09:15:00 -03:00
Dominique RIGHETTO
55c4988410
Rename OracleSID.txt to OracleDB-SID.txt 2023-10-08 19:26:29 +02:00
Dominique RIGHETTO
f81a9803f8
Add file 2023-10-08 19:17:49 +02:00
Stefan
96940203b1
Update LFI-gracefulsecurity-linux.txt
Includes older SSH key format "ECDSA"
2023-09-06 14:21:17 -04:00
not main acc
e36dfa24fa
Create OMI-Agent-Linux.txt
from (my mistaken) issue: https://github.com/danielmiessler/SecLists/issues/891#issuecomment-1679646712
2023-08-20 23:57:17 +02:00
Adil Nadeem Babras
460b207a07
List of File Extensions
Source: Wikipedia
2023-08-16 03:38:18 +05:00
Sonata Green
635f59acdc
more human injection; new LLM section
(1) more human injection strings
(2) added a section for attacks against LLMs
2023-05-29 19:47:45 +00:00
g0tmi1k
afc5439c00
Merge pull request #870 from ivan-sincek/master
Hexadecimal ASCII and Hexadecimal Unicode

Source: https://github.com/ivan-sincek/amounts
2023-05-16 07:51:53 +01:00
ClutchTech
fb4298a4cb Update LFI-gracefulsecurity-linux.txt 2023-04-23 22:00:00 -04:00
Ivan Šincek
2121ac1bbb Hexadecimal ASCII and Hexadecimal Unicode
Added a few more representations of numerical values.
2023-04-18 13:44:57 +02:00
Sébastien Copin
18120d94f2 Add PHP magic methods list
See: https://www.php.net/manual/en/language.oop5.magic.php
2023-02-21 21:01:07 +01:00
g0tmi1k
cd30475c1a
Merge pull request #824 from cosad3s/master
fuzz-Bo0oM.txt: "WAF friendly" version
2022-11-22 12:22:36 +00:00
Sébastien Copin
db6c286085 fuzz-Bo0oM.txt: "WAF friendly" version
sed  -r '/(passwd|.htaccess|.asa|.ini|var\/log|%252e%252e|%2e%2e|^\..+)/d' ./fuzz-Bo0oM.txt > ./fuzz-Bo0oM-friendly.txt

Tested against Akamai. For less "Access Denied" issues.
2022-11-01 16:54:15 +01:00
Miguel Gómez
ec227174cd
Update LFI-Jhaddix.txt
Double URL-encode '../' with %252e%252e%252f
2022-09-27 16:36:41 -05:00
Taleb Qasem
b5116c1031
Update LFI-gracefulsecurity-windows.txt
Added word list from (https://raw.githubusercontent.com/DragonJAR/Security-Wordlist/main/LFI-WordList-Windows).
2022-08-02 16:25:02 +06:00
g0tmi1k
b49003fdbc
Merge pull request #785 from nicholas-long/master
Create list of files that could go in /etc for fuzzing
2022-08-02 07:22:22 +01:00
g0tmi1k
7c82ca12db
Merge pull request #702 from TheTechromancer/master
Added devops extensions - .test, .qa., etc. to Fuzzing/extensions-Bo0oM.txt
2022-08-02 06:59:33 +01:00
g0tmi1k
4c29963899
Merge pull request #706 from D3vil0per/patch-1
Create country-codes.txt

Source: https://www.iso.org/obp/ui/#search
2022-08-02 06:59:08 +01:00
g0tmi1k
c0be11b9e4
Merge pull request #769 from ivan-sincek/master
Fuzz amounts, quantities, or any other numerical values.

Source: https://research.nccgroup.com/wp-content/uploads/2020/07/common_security_issues_in_financially-orientated_web.pdf

https://github.com/ivan-sincek/amounts
2022-08-02 06:43:14 +01:00
g0tmi1k
3217b9b8f2
Merge pull request #774 from bigshika/envIds
Add common Environment identifiers
2022-08-02 06:39:31 +01:00
Taleb Qasem
294ee04ad3
Update LFI-gracefulsecurity-linux.txt
Removed 3 duplicates (/etc/passwd, /etc/mod, and /etc/php4/apache2/php.ini). Then added word list from (https://raw.githubusercontent.com/DragonJAR/Security-Wordlist/main/LFI-WordList-Linux).
2022-07-27 21:16:50 +06:00
Nicholas Long
ca4f454d13 update auto commit message, rename wordlist and references to it, title case in markdown headings 2022-07-25 16:26:11 +00:00
nicholas-long
5850a8a1fb update autogenerated files 2022-07-12 23:27:17 +00:00
nicholas-long
3c181f15fe all files installed into etc by all deb packages from the debian and ubuntu apt repositories 2022-06-28 00:57:39 -05:00
Sana O
795bd9e37b Add sandbox, sb and stage 2022-06-27 12:31:20 +12:00
Sana O
f1613446e9 Add common 2 letter environment abbreviations 2022-06-23 14:48:28 +12:00
root
28152a11f3 Added README 2022-06-21 08:05:20 +02:00
root
1753648b46 More Wordlists Added 2nd 2022-06-20 23:54:15 +02:00
root
0e73109916 More Wordlists Added 2022-06-20 23:49:32 +02:00
root
d9c1ab4d08 Update Amounts 2022-06-20 22:01:18 +02:00
root
45abeea9ae Added Amounts 2022-06-20 21:30:28 +02:00
D3vil0per
3369b7df87
Update country-codes.txt
Added uppercase codes
2022-04-26 19:50:07 +02:00
g0tmi1k
635fadadf8
Merge pull request #708 from D3vil0per/patch-2
Added methods from IANA source

Source: http://www.iana.org/assignments/http-methods/http-methods.xhtml#methods
2022-04-26 17:26:16 +01:00
indigo-sadland
694b4873eb
Nginx merge slashes path traversal vulnerability payload 2022-04-18 00:26:27 -07:00
indigo-sadland
46671534b5
unicode encoded lfi payload 2022-04-16 19:26:33 +03:00
indigo-sadland
6117632c0d
unicode encoded lfi payload 2022-04-16 19:05:01 +03:00
indigo-sadland
c49917ce1a
unicode encoded lfi payload 2022-04-16 18:58:45 +03:00
indigo-sadland
ce75be351d
unicode encoded lfi payload 2022-04-16 18:50:38 +03:00
D3vil0per
7a42879a46
Added methods from IANA source
Source: http://www.iana.org/assignments/http-methods/http-methods.xhtml#methods
2022-04-02 14:25:20 +02:00
D3vil0per
3ad6e8ff8c
Create country-codes.txt
According to the ISO 3166-1 standard. Useful for fuzzing elements like usernames as 'support-us' 'admin.us' 'helpdesk-US' and so on.
2022-03-26 22:54:02 +01:00
TheTechromancer
a8d0850534 added devops extensions - .text, .qa. etc. 2022-03-03 11:23:21 -05:00
g0tmi1k
c54e07f5d8
Merge pull request #671 from righettod/feature_issue_654
PR for issue 654 (environment identifiers dict)
2022-02-02 23:39:00 +00:00