admin/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists.git synced 2025-05-29 01:31:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,346 Commits 2 Branches 29 Tags
Commit Graph

1346 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
GitHub Action
4eb28683ab [Github Action] Updated combined_words.txt 2022-04-26 16:51:13 +00:00
g0tmi1k
f5fa9786d1
Merge pull request #717 from g0tmi1k/release 
Update for 2022.2
2022.2 		2022-04-26 17:49:00 +01:00
g0t mi1k
515d85b83c Update for 2022.2 2022-04-26 17:46:18 +01:00
GitHub Action
939734974b [Github Action] Updated combined_directories.txt 2022-04-26 16:33:54 +00:00
g0tmi1k
9bf9f2ea2a
Merge pull request #696 from ItsIgnacioPortal/master 
Create universally useful combined web discovery wordlists which auto-update
 2022-04-26 17:32:16 +01:00
g0tmi1k
0db72b1dfc
Merge pull request #707 from zevlag/patch-1 
Add Baicells default creds from CVE-2022-24693

Source: https://github.com/advisories/GHSA-7vmv-mpx6-985j
 2022-04-26 17:26:41 +01:00
g0tmi1k
635fadadf8
Merge pull request #708 from D3vil0per/patch-2 
Added methods from IANA source

Source: http://www.iana.org/assignments/http-methods/http-methods.xhtml#methods
 2022-04-26 17:26:16 +01:00
g0tmi1k
839b262087
Merge pull request #709 from azams/master 
Add another obfuscated php shell and check the disable_functions.
 2022-04-26 17:25:56 +01:00
g0tmi1k
2e82613b9b
Merge pull request #712 from righettod/master 
Sync with param-miner master repository.

1. Take content of the file **params** from the [PortSwigger/param-miner](https://github.com/PortSwigger/param-miner/blob/master/resources/params) repository (master branch).
2. Take the content of the file **burp-parameter-names.txt** from the [SecLists](https://github.com/danielmiessler/SecLists/blob/master/Discovery/Web-Content/burp-parameter-names.txt) repository (master branch).
3. Unify the both content removing the duplicates via `cat params  burp-parameter-names.txt | sort -u > burp-parameter-names.txt`.
4. Add the parameter named **api-version** found into this [blog post](https://medium.com/xm-cyber/10-ways-of-gaining-control-over-azure-function-apps-7e7b84367ce6) about attacking Azure function apps.
 2022-04-26 17:25:07 +01:00
g0tmi1k
c12ada51d2
Merge pull request #714 from indigo-sadland/master 
Unicode encoded LFI payload
 2022-04-26 17:22:03 +01:00
g0tmi1k
115aace394
Merge pull request #715 from camercu/patch-1 
fix logic bug setting port number
 2022-04-26 17:21:21 +01:00
g0tmi1k
56a9cf192b
Merge pull request #716 from stoben/master 
Add Hangfire console

Source: https://docs.hangfire.io/en/latest/configuration/using-dashboard.html
https://www.shodan.io/search?query=http.title%3A%22hangfire%22
 2022-04-26 17:20:45 +01:00
Ben M Stokland
a7d0fc30a1
Add Hangfire console 
https://docs.hangfire.io/en/latest/configuration/using-dashboard.html
https://www.shodan.io/search?query=http.title%3A%22hangfire%22
 2022-04-20 21:32:18 +02:00
Cameron Unterberger
60ac224950
fix logic bug setting port number 2022-04-18 20:54:43 -04:00
indigo-sadland
694b4873eb
Nginx merge slashes path traversal vulnerability payload 2022-04-18 00:26:27 -07:00
indigo-sadland
46671534b5
unicode encoded lfi payload 2022-04-16 19:26:33 +03:00
indigo-sadland
6117632c0d
unicode encoded lfi payload 2022-04-16 19:05:01 +03:00
indigo-sadland
c49917ce1a
unicode encoded lfi payload 2022-04-16 18:58:45 +03:00
indigo-sadland
ce75be351d
unicode encoded lfi payload 2022-04-16 18:50:38 +03:00
Dominique RIGHETTO
ac544a1876
Sync with param-miner master repo 2022-04-10 10:04:13 +02:00
azams
090addc816 Add another obfuscated php shell. 2022-04-02 05:25:23 -07:00
D3vil0per
7a42879a46
Added methods from IANA source 
Source: http://www.iana.org/assignments/http-methods/http-methods.xhtml#methods
 2022-04-02 14:25:20 +02:00
zevlag
806526b1dd
Add Baicells default creds from CVE-2022-24693 2022-03-30 10:37:15 -04:00
PinkDev1
2147ad87f7
quickhits.txt: restored to its initial state 
My previous two commits should've been on a different branch, Woops
 2022-02-21 06:41:14 +00:00
PinkDev1
66672f7299
quickhits.txt: Added more files 
Extracted from ShhGit: https://github.com/eth0izzle/shhgit/blob/master/config.yaml
 2022-02-21 06:34:36 +00:00
PinkDev1
58df3b3401
quickhits.txt: Removed trailing "/" 2022-02-21 06:32:19 +00:00
g0tmi1k
168584fdc6
Merge pull request #651 from cbk914/master 
Spring paths update
 2022-02-02 23:41:04 +00:00
g0tmi1k
c9ffe7f73c
Merge pull request #656 from A1vinSmith/master 
Update content-type.txt

https://cweiske.de/tagebuch/php-mimetype.htm
 2022-02-02 23:40:50 +00:00
g0tmi1k
c54e07f5d8
Merge pull request #671 from righettod/feature_issue_654 
PR for issue 654 (environment identifiers dict)
 2022-02-02 23:39:00 +00:00
g0tmi1k
6a51a9b354
Merge pull request #675 from RAOexe/master 
Add: Top common Indian forenames
 2022-02-02 23:37:48 +00:00
g0tmi1k
52fbc4a631
Merge pull request #680 from 5tr1x/patch-3 
Create months.txt

for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:36:41 +00:00
g0tmi1k
bf2d2a996d
Merge pull request #681 from 5tr1x/patch-4 
Create days.txt

for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:36:21 +00:00
g0tmi1k
0d9870d28d
Merge pull request #679 from 5tr1x/patch-2 
Create seasons.txt



for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:35:58 +00:00
g0tmi1k
a537fd9ad4
Merge pull request #693 from giper45/master 
Added italian subdomains
 2022-02-02 23:34:42 +00:00
g0tmi1k
2e4017493f
Merge pull request #697 from elitejake/master 
Add wordlists from the Moby Project

https://en.wikipedia.org/wiki/Moby_Project
 2022-02-02 23:33:14 +00:00
g0tmi1k
aadf026ea2
Merge pull request #698 from evait-security/master 
add opcache to raft large directory list, ref: #683

Source: https://github.com/amnuts/opcache-gui
 2022-02-02 23:32:00 +00:00
Paul Werther
8b17578f93 add opcache to raft large directory list, #683 2022-02-01 15:32:17 +01:00
elitejake
fe7c9dfe3d
Create README.md 2022-02-01 09:13:17 +00:00
elitejake
cecdff7af0
Create README.md 2022-02-01 09:12:09 +00:00
elitejake
6c636bdfdd
Update README.md 2022-02-01 09:10:18 +00:00
elitejake
66ab7a382b
Add docs 2022-02-01 09:09:55 +00:00
elitejake
6daec75b5e
Create README.md 2022-02-01 09:06:37 +00:00
elitejake
75c849562a
Merge branch 'danielmiessler:master' into master 2022-02-01 14:15:47 +05:30
g0tmi1k
eaf1c8263f
Merge pull request #695 from elitejake/patch-2 
Remove duplicated entries
2022.1 		2022-01-31 23:23:47 +00:00
g0tmi1k
5d4ae18c7c
Merge pull request #692 from Wernfried/patch-1 
Added default passwords from Huawei
 2022-01-31 23:22:38 +00:00
g0tmi1k
58370984a4
Merge pull request #687 from righettod/master 
Add "h2-console" word

https://mp.weixin.qq.com/s/Yn5U8WHGJZbTJsxwUU3UiQ
https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console
https://www.shodan.io/search?query=http.title%3A%22H2+Console%22
 2022-01-31 23:22:06 +00:00
g0tmi1k
5a4d4f7ebc
Merge pull request #686 from AddaxSoft/patch-2 
added 8443, tomcat ssl
 2022-01-31 23:21:24 +00:00
g0tmi1k
2dac179038
Merge pull request #685 from wdahlenburg/master 
Adding Spring Boot Gateway Actuator

https://wya.pl/2021/12/20/bring-your-own-ssrf-the-gateway-actuator/
 2022-01-31 23:20:57 +00:00
g0tmi1k
6dd17288aa
Merge pull request #678 from righettod/feature_update_namelist 
Add new sub domain names

https://github.com/righettod/toolbox-pentest-web/blob/master/scripts/generate-vhost-names-dict.sh
 2022-01-31 23:09:45 +00:00
g0tmi1k
2b61465823
Merge pull request #673 from kakumanivrn/patch-1 
Added latest years to dictionary
 2022-01-31 23:06:23 +00:00