List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.
Contents of SecLists
Each section has tonnes of content including the below:
- Discovery lists (DNS, SNMP, Web content)
- Fuzzing Payloads (Databases, LFI, SQLi, XSS)
- Password lists (Common credentials, cracked hashes, honeypot captures, leaked lists)
- Data Pattern lists
- Payload files (Zip bombs, flash, images)
- Username lists (Honeypot captures)
- Web shells
wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
&& unzip SecList.zip \
&& rm -f SecList.zip
git clone –depth 1 https://github.com/danielmiessler/SecLists.git
git clone firstname.lastname@example.org:danielmiessler/SecLists.git
You can access all the lists here:
Read the rest of SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells now! Only available at Darknet.