lzh/SecLists
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1,552 Commits 1 Branch 19 Tags
master
Commit Graph

1552 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
D3vil0per 3369b7df87 Update country-codes.txt 
Added uppercase codes
 2022-04-26 19:50:07 +02:00
GitHub Action 4eb28683ab [Github Action] Updated combined_words.txt 2022-04-26 16:51:13 +00:00
g0tmi1k f5fa9786d1 Merge pull request #717 from g0tmi1k/release 
Update for 2022.2
2022.2 		2022-04-26 17:49:00 +01:00
g0t mi1k 515d85b83c Update for 2022.2 2022-04-26 17:46:18 +01:00
GitHub Action 939734974b [Github Action] Updated combined_directories.txt 2022-04-26 16:33:54 +00:00
g0tmi1k 9bf9f2ea2a Merge pull request #696 from ItsIgnacioPortal/master 
Create universally useful combined web discovery wordlists which auto-update
 2022-04-26 17:32:16 +01:00
g0tmi1k 0db72b1dfc Merge pull request #707 from zevlag/patch-1 
Add Baicells default creds from CVE-2022-24693

Source: https://github.com/advisories/GHSA-7vmv-mpx6-985j
 2022-04-26 17:26:41 +01:00
g0tmi1k 635fadadf8 Merge pull request #708 from D3vil0per/patch-2 
Added methods from IANA source

Source: http://www.iana.org/assignments/http-methods/http-methods.xhtml#methods
 2022-04-26 17:26:16 +01:00
g0tmi1k 839b262087 Merge pull request #709 from azams/master 
Add another obfuscated php shell and check the disable_functions.
 2022-04-26 17:25:56 +01:00
g0tmi1k 2e82613b9b Merge pull request #712 from righettod/master 
Sync with param-miner master repository.

1. Take content of the file **params** from the [PortSwigger/param-miner](https://github.com/PortSwigger/param-miner/blob/master/resources/params) repository (master branch).
2. Take the content of the file **burp-parameter-names.txt** from the [SecLists](https://github.com/danielmiessler/SecLists/blob/master/Discovery/Web-Content/burp-parameter-names.txt) repository (master branch).
3. Unify the both content removing the duplicates via `cat params  burp-parameter-names.txt | sort -u > burp-parameter-names.txt`.
4. Add the parameter named **api-version** found into this [blog post](https://medium.com/xm-cyber/10-ways-of-gaining-control-over-azure-function-apps-7e7b84367ce6) about attacking Azure function apps.
 2022-04-26 17:25:07 +01:00
g0tmi1k c12ada51d2 Merge pull request #714 from indigo-sadland/master 
Unicode encoded LFI payload
 2022-04-26 17:22:03 +01:00
g0tmi1k 115aace394 Merge pull request #715 from camercu/patch-1 
fix logic bug setting port number
 2022-04-26 17:21:21 +01:00
g0tmi1k 56a9cf192b Merge pull request #716 from stoben/master 
Add Hangfire console

Source: https://docs.hangfire.io/en/latest/configuration/using-dashboard.html
https://www.shodan.io/search?query=http.title%3A%22hangfire%22
 2022-04-26 17:20:45 +01:00
Ben M Stokland a7d0fc30a1 Add Hangfire console 
https://docs.hangfire.io/en/latest/configuration/using-dashboard.html
https://www.shodan.io/search?query=http.title%3A%22hangfire%22
 2022-04-20 21:32:18 +02:00
Cameron Unterberger 60ac224950 fix logic bug setting port number 2022-04-18 20:54:43 -04:00
indigo-sadland 694b4873eb Nginx merge slashes path traversal vulnerability payload 2022-04-18 00:26:27 -07:00
indigo-sadland 46671534b5 unicode encoded lfi payload 2022-04-16 19:26:33 +03:00
indigo-sadland 6117632c0d unicode encoded lfi payload 2022-04-16 19:05:01 +03:00
indigo-sadland c49917ce1a unicode encoded lfi payload 2022-04-16 18:58:45 +03:00
indigo-sadland ce75be351d unicode encoded lfi payload 2022-04-16 18:50:38 +03:00
Anatoliy dcb3b852f9 Add files via upload 2022-04-13 23:44:43 +03:00
Dominique RIGHETTO ac544a1876 Sync with param-miner master repo 2022-04-10 10:04:13 +02:00
azams 090addc816 Add another obfuscated php shell. 2022-04-02 05:25:23 -07:00
D3vil0per 7a42879a46 Added methods from IANA source 
Source: http://www.iana.org/assignments/http-methods/http-methods.xhtml#methods
 2022-04-02 14:25:20 +02:00
zevlag 806526b1dd Add Baicells default creds from CVE-2022-24693 2022-03-30 10:37:15 -04:00
D3vil0per 3ad6e8ff8c Create country-codes.txt 
According to the ISO 3166-1 standard. Useful for fuzzing elements like usernames as 'support-us' 'admin.us' 'helpdesk-US' and so on.
 2022-03-26 22:54:02 +01:00
TheTechromancer a8d0850534 added devops extensions - .text, .qa. etc. 2022-03-03 11:23:21 -05:00
PinkDev1 2147ad87f7 quickhits.txt: restored to its initial state 
My previous two commits should've been on a different branch, Woops
 2022-02-21 06:41:14 +00:00
PinkDev1 66672f7299 quickhits.txt: Added more files 
Extracted from ShhGit: https://github.com/eth0izzle/shhgit/blob/master/config.yaml
 2022-02-21 06:34:36 +00:00
PinkDev1 58df3b3401 quickhits.txt: Removed trailing "/" 2022-02-21 06:32:19 +00:00
chashtag a6f336de8c removed non php shells 2022-02-09 21:42:25 -05:00
chashtag 6428e57575 Added more we shells 
Removed spaces from file name
 2022-02-09 21:37:00 -05:00
g0tmi1k 168584fdc6 Merge pull request #651 from cbk914/master 
Spring paths update
 2022-02-02 23:41:04 +00:00
g0tmi1k c9ffe7f73c Merge pull request #656 from A1vinSmith/master 
Update content-type.txt

https://cweiske.de/tagebuch/php-mimetype.htm
 2022-02-02 23:40:50 +00:00
g0tmi1k c54e07f5d8 Merge pull request #671 from righettod/feature_issue_654 
PR for issue 654 (environment identifiers dict)
 2022-02-02 23:39:00 +00:00
g0tmi1k 6a51a9b354 Merge pull request #675 from RAOexe/master 
Add: Top common Indian forenames
 2022-02-02 23:37:48 +00:00
g0tmi1k 52fbc4a631 Merge pull request #680 from 5tr1x/patch-3 
Create months.txt

for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:36:41 +00:00
g0tmi1k bf2d2a996d Merge pull request #681 from 5tr1x/patch-4 
Create days.txt

for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:36:21 +00:00
g0tmi1k 0d9870d28d Merge pull request #679 from 5tr1x/patch-2 
Create seasons.txt



for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:35:58 +00:00
g0tmi1k a537fd9ad4 Merge pull request #693 from giper45/master 
Added italian subdomains
 2022-02-02 23:34:42 +00:00
g0tmi1k 2e4017493f Merge pull request #697 from elitejake/master 
Add wordlists from the Moby Project

https://en.wikipedia.org/wiki/Moby_Project
 2022-02-02 23:33:14 +00:00
g0tmi1k aadf026ea2 Merge pull request #698 from evait-security/master 
add opcache to raft large directory list, ref: #683

Source: https://github.com/amnuts/opcache-gui
 2022-02-02 23:32:00 +00:00
Paul Werther 8b17578f93 add opcache to raft large directory list, #683 2022-02-01 15:32:17 +01:00
elitejake fe7c9dfe3d Create README.md 2022-02-01 09:13:17 +00:00
elitejake cecdff7af0 Create README.md 2022-02-01 09:12:09 +00:00
elitejake 6c636bdfdd Update README.md 2022-02-01 09:10:18 +00:00
elitejake 66ab7a382b Add docs 2022-02-01 09:09:55 +00:00
elitejake 6daec75b5e Create README.md 2022-02-01 09:06:37 +00:00
elitejake 75c849562a Merge branch 'danielmiessler:master' into master 2022-02-01 14:15:47 +05:30
g0tmi1k eaf1c8263f Merge pull request #695 from elitejake/patch-2 
Remove duplicated entries
2022.1 		2022-01-31 23:23:47 +00:00