SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place.

List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

Contents of SecLists

Each section has tonnes of content including the below:

• Discovery lists (DNS, SNMP, Web content)
• Fuzzing Payloads (Databases, LFI, SQLi, XSS)
• Password lists (Common credentials, cracked hashes, honeypot captures, leaked lists)
• Data Pattern lists
• Payload files (Zip bombs, flash, images)
• Username lists (Honeypot captures)
• Web shells

Install SecLists

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip
&& unzip SecList.zip
&& rm -f SecList.zip

Git (Small)

git clone –depth 1 https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone git@github.com:danielmiessler/SecLists.git

You can access all the lists here:

https://github.com/danielmiessler/SecLists

Read the rest of SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells now! Only available at Darknet.

Source de l’article sur Darknet