admin/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists.git synced 2025-06-07 21:46:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
890 Commits 2 Branches 29 Tags
Commit Graph

890 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
g0tmi1k
9239f0a284 find . -name '*_*' -exec rename 's/_/-/g' "{}" \; 2019-05-08 11:54:39 +01:00
g0tmi1k
bb915befb2
Merge pull request #298 from g0tmi1k/Fixes 
Close #291 - Fix encoding issues

```
$ for x in $( find . -type f ); do iconv -f utf-8 -t utf-8 -c ${x} | sed '/^$/d' > tmp; mv tmp ${x}; done
```
 2019-05-08 11:08:05 +01:00
g0tmi1k
a65f6bd665 Close #291 - Fix encoding issues 
$ for x in $( find . -type f ); do iconv -f utf-8 -t utf-8 -c ${x} | sed '/^$/d' > tmp; mv tmp ${x}; done
 2019-05-08 11:04:00 +01:00
g0tmi1k
3c8ddaf468
Merge pull request #297 from g0tmi1k/Fixes 
Close #293 - Ten Million Passwords

Source: https://xato.net/today-i-am-releasing-ten-million-passwords-b6278bbe7495

https://wpengine.com/unmasked/

https://mega.nz/#!SdYnkJRJ!HmD04LH8Gk8JtlNG6O2NnF2yH9qWJPWtSXbLU2ZR9Q8


```
$ awk -F '\t' '{print $1}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-usernames.txt
$ awk -F '\t' '{print $2}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-passwords.txt
$ awk -F '\t' '{print $1}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | grep -v ' 1 ' | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-usernames-dup.txt
$ awk -F '\t' '{print $2}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | grep -v ' 1 ' | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-passwords-dup.txt
```
 2019-05-08 10:33:10 +01:00
g0tmi1k
6d3b37a3c9 Close #293 - Ten Million Passwords 
Source: https://xato.net/today-i-am-releasing-ten-million-passwords-b6278bbe7495

https://wpengine.com/unmasked/

https://mega.nz/#!SdYnkJRJ!HmD04LH8Gk8JtlNG6O2NnF2yH9qWJPWtSXbLU2ZR9Q8

$ awk -F '\t' '{print $1}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-usernames.txt
$ awk -F '\t' '{print $2}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-passwords.txt
$ awk -F '\t' '{print $1}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | grep -v ' 1 ' | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-usernames-dup.txt
$ awk -F '\t' '{print $2}' 10-million-combos.txt | LC_ALL=C sort | LC_ALL=C uniq -c | LC_ALL=C sort -nr | grep -v ' 1 ' | awk -F ' ' '{for (i=2; i<=NF; i++) print $i}' > xato-net-10-million-passwords-dup.txt
 2019-05-08 10:30:38 +01:00
g0tmi1k
004af903c4
Merge pull request #296 from g0tmi1k/Fixes 
Close #294 - Add /weblogic/ready
 2019-05-07 18:20:50 +01:00
g0tmi1k
8e1f1ae56a Close #294 - Add /weblogic/ready 2019-05-07 18:20:26 +01:00
g0tmi1k
9e5f97fac5
Merge pull request #292 from Beverdam/master 
Added NCSC top 100K most used passwords

Source: https://www.ncsc.gov.uk/static-assets/documents/PwnedPasswordTop100k.txt
https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere
 2019-05-07 17:49:26 +01:00
Beverdam
c1c63869ba
Rename 100k_most_used_passwords_NCS.txt to 100k_most_used_passwords_NCSC.txt 
Changed filename
 2019-04-22 19:32:00 +02:00
Beverdam
80700778d8
Added NCSC top 100K used passwords 
Based of https://www.ncsc.gov.uk/static-assets/documents/PwnedPasswordTop100k.txt and https://www.ncsc.gov.uk/blog-post/passwords-passwords-everywhere
 2019-04-22 19:30:54 +02:00
g0tmi1k
181bd743eb
Merge pull request #290 from ricardojba/master 
Include .well-known/apple-app-site-association

Source: https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/april/apples_app_site_association_the_new_robots_txt/
 2019-04-12 16:31:18 +01:00
Ricardo
42dacbbfa0
Merge pull request #1 from ricardojba/ricardojba-apple-app-site-association 
Include .well-known/apple-app-site-association
 2019-04-12 16:26:13 +01:00
Ricardo
6d15c05bc4
Include .well-known/apple-app-site-association 
Include .well-known/apple-app-site-association
Ref: https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2019/april/apples_app_site_association_the_new_robots_txt/
 2019-04-12 16:25:47 +01:00
g0tmi1k
011d276f2a Merge branch 'master' of github.com:danielmiessler/SecLists 2019-04-12 14:35:07 +01:00
g0tmi1k
7b1f14989c Quick move about 2019-04-12 13:52:47 +01:00
g0tmi1k
7ccb85c376
Merge pull request #289 from toxydose/master 
minor updates
 2019-04-10 14:16:40 +01:00
toxydose
3251b35d54 update login endpoints 2019-04-10 15:54:03 +03:00
toxydose
6aa736a75a ShoreTel Connect login page GHDB-ID:5172 2019-04-10 15:47:27 +03:00
toxydose
94cc83dbda add endpoints without trailing slashes 2019-04-10 15:42:15 +03:00
Alexander Bridges
1883989647
Merge pull request #5 from danielmiessler/master 
update
 2019-04-10 15:38:55 +03:00
g0tmi1k
611ba969ec Move location 2019-04-10 13:31:17 +01:00
g0tmi1k
9e977458eb Add PHP Magic Hashes 
Source: https://www.whitehatsec.com/blog/magic-hashes/
 2019-04-10 13:29:50 +01:00
g0tmi1k
3f2c0d33d2 Quick clean up of locations 2019-04-10 13:22:39 +01:00
g0tmi1k
12751dbbf0 Fix #288 - Add graphql 
Source: https://graphql.org/learn/serving-over-http/
 2019-04-10 13:18:25 +01:00
g0tmi1k
b9483d00b7 Sort out a few more filenmae issues 2019-04-10 11:32:07 +01:00
g0tmi1k
437478ce7b Fix #284 #285 - useragents-ie.txt 2019-04-10 10:19:12 +01:00
g0tmi1k
aca3a1bb5c
Merge pull request #286 from bkimminich/master 
Add worlds-safest-password list by Der Postillon

Source: https://www.der-postillon.com/2014/04/it-experten-kuren-mb2r5ohf-0t-zum.html
 2019-04-05 08:35:35 +01:00
Björn Kimminich
35488476b6
Add worlds-safest-password list by Der Postillon 
https://www.der-postillon.com/2014/04/it-experten-kuren-mb2r5ohf-0t-zum.html
 2019-04-05 09:29:47 +02:00
g0tmi1k
ed69bd3738
Merge pull request #282 from drwetter/master 
Suggestion to avoid license files to be added per accident
 2019-03-19 09:30:26 +00:00
Dirk Wetter
9da980c4da Suggestion to avoid license files to be added per accident 
Some license files carry the extension .txt which requires
a thorough look to distinguish them from payloads with the
same extension.
 2019-03-19 10:20:36 +01:00
g0tmi1k
bca680eef5
Merge pull request #281 from Zawadidone/patch-1 
Update IIS.fuzz.txt

Source: https://twitter.com/mrr0y4l3/status/1106602488495525888?s=12
 2019-03-18 19:17:26 +00:00
Zawadi Done
eca7232058
Update IIS.fuzz.txt 
https://twitter.com/mrr0y4l3/status/1106602488495525888?s=12
 2019-03-18 20:00:54 +01:00
g0tmi1k
067e5cfc01
Merge pull request #280 from drwetter/master 
Adding more springboot entrypoints

Source: https://docs.spring.io/spring-boot/docs/current/reference/htmlsingle/#production-ready-endpoints
 2019-03-17 11:30:53 +00:00
Dirk
cea5abf93d Adding more springboot entrypoints 2019-03-17 11:47:50 +01:00
g0tmi1k
6830bbe052
Merge pull request #278 from tkisason/patch-1 
Update spring-boot.txt

Source: https://www.veracode.com/blog/research/exploiting-spring-boot-actuators
 2019-03-16 20:31:21 +00:00
g0tmi1k
75ea478e81
Merge pull request #279 from ArgentEnergy/new-web-paths 
New web paths
 2019-03-16 11:37:57 +00:00
ArgentEnergy
7fa417a3d5 Added more AEM paths. 2019-03-15 21:43:31 -03:00
ArgentEnergy
ae88fbed37 Added Swagger paths. 2019-03-15 21:18:17 -03:00
Tonimir Kisasondi
eaccabd89a
Update spring-boot.txt 2019-03-15 22:37:48 +01:00
Tonimir Kisasondi
61b92c599d
Update spring-boot.txt 
Added some other paths according to:
https://www.veracode.com/blog/research/exploiting-spring-boot-actuators
 2019-03-15 22:26:08 +01:00
g0tmi1k
ca946eefff
Merge pull request #277 from noraj/patch-2 
simple-shell.jsp: fix file
 2019-03-11 16:59:45 +00:00
Alexandre ZANNI
2affd894a4
fix file 
remove what seems to be a git addition (`+`)
 2019-03-11 17:12:47 +01:00
g0tmi1k
9196a19470
Merge pull request #274 from noraj/patch-1 
Update LFI-JHADDIX.txt
 2019-03-11 07:12:44 +00:00
Alexandre ZANNI
cfe4b16023
Update LFI-JHADDIX.txt 
fix typo + add 1 entry
 2019-03-10 17:11:22 +01:00
g0tmi1k
8087c4ba5d
Merge pull request #273 from leesoh/master 
Add "admin"
 2019-02-23 08:17:14 +00:00
Liam Somerville
9ddb20063b
Add "admin" 2019-02-22 12:02:05 -07:00
g0tmi1k
73a4b826e8
Merge pull request #272 from govolution/patch-1 
Update vagrant credentials

Source: https://app.vagrantup.com/peru/boxes/windows-10-enterprise-x64-eval
 2019-02-21 14:46:43 +00:00
govolution
887d68264b
Update vagrant credentials 
Source: https://app.vagrantup.com/peru/boxes/windows-10-enterprise-x64-eval
 2019-02-21 15:21:32 +01:00
g0tmi1k
70958f58b6
Merge pull request #271 from SolomonSklash/patch-1 
Fixed typo in file name.
 2019-02-20 10:06:14 +00:00
SolomonSklash
9d29d64635
Fixed typo in file name. 
sortedcombied-knock-dnsrecon-fierce-reconng.txt -> sortedcombined-knock-dnsrecon-fierce-reconng.txt
 2019-02-19 10:36:10 -06:00