Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Rust

CSS

Objective-C

Erlang

Emacs Lisp

Swift

R

Go

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Java

Racket

F#

Lua

Julia

Perl

Zig

C++

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇹🇬 Togo

🇲🇺 Mauritius

🇿🇼 Zimbabwe

🇲🇶 Martinique

🇩🇴 Dominican Republic

🇰🇲 Comoros

🇮🇶 Iraq

🇲🇫 Saint Martin

All Countries Compare Countries

danielmiessler/SecLists

Stars
51,997
Rank 198 (Top 0.01 %)
Language
PHP
License
MIT License
Created about 12 years ago
Updated 3 months ago

danielmiessler/SecLists

danielmiessler

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

About SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

This project is maintained by Daniel Miessler, Jason Haddix, and g0tmi1k.

Repository details

Size of a complete clone of SecLists is currently at 1.2 GB

Cloning this repository should take 4-5 minutes at 5MB/s speeds.

Install

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
  && unzip SecList.zip \
  && rm -f SecList.zip

Git (Small)

git clone --depth 1 \
  https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone https://github.com/danielmiessler/SecLists.git

Kali Linux (Tool Page)

apt -y install seclists

BlackArch (Tool Page)

sudo pacman -S seclists

Attribution

See CONTRIBUTORS.md

Contributing

See CONTRIBUTING.md

Similar Projects

Licensing

This project is licensed under the MIT license.

—

^{NOTE: Downloading this repository is likely to cause a false-positive alarm by your anti-virus or anti-malware software, the filepath should be whitelisted. There is nothing in SecLists that can harm your computer as-is, however it's not recommended to store these files on a server or other important system due to the risk of local file include attacks.}

fabric

fabric is an open-source framework for augmenting humans using AI.

RobotsDisallowed

A curated list of the most common and most interesting robots.txt disallowed directories.

vim

My Vim configuration.

HoneyCredIPTracker

Quick script to gather stats on incoming credentials and IPs for a honey listener.

Source2URL

Parse source code directories and output list of URLs that are then sent through a proxy.

nginx

My Nginx configuration files, for all to use and improve upon.

egression

Test a network's egress controls with various levels of success and failure.

Caparser

A quick and dirty PCAP parser that helps you identify who your applications are sending sensitive data to without encryption.

SecurityTools

A repo for collecting and organizing security tools of various types. As new ones come out, they get added to the list.

iptables

An iptables firewall configuration template.

BugOutBag

CTFSolutionTypes

A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!

DNSHarvester

This tool will harvest valid DNS subdomains from a given domain.

TechStack

This project exists as a free (and transparent) alternative to paid services that show you what technologies are running on a given website.

ATM

The Adaptive Security Testing Methodology (ASTM) provides context-adjusted testing methodologies based on factors such as time available to test, platform, technology stack, versions, plugins, modules, and other variables.

geoip

A Ruby script that takes in IPs and returns Country, State, and City

GeoHarvest

A simple script for translating IP addresses to GeoLocations

Books

A list of the books that I am reading, with priorities.

hostfind

Does a dictionary lookup on common, valuable hostnames for a given domain.

GitHubRating

A composite score for one's GitHub quality.

tmux

mobiletools

Free tools for mobile testing.

ServerConfig

My various configuration files for zsh, vim, tmux, etc.

top-domains

A repository for maintaining a list of the top domains based on multiple lists

athi

ATHI — An AI Threat Modeling Framework for Policymakers

mst

A meta-scan tool used to kick off a number of command-line security tools during VA/PT work.

unsupervised-learning

Personal

A repository for personal tracking.

NewBox

Zsh and Vim on new Linux boxen.

CertExpirationCheck

Checks to see when the cert for a given domain expires.

Self

A tracking system for everything me, e.g.: beliefs, passions, must-haves, must-dos, favorite movies, favorite quotes, favorite aphorisms, etc.

neovim

My Neovim settings

gscour

Find all hostnames related to a given domain. Helpful during VA/PT work.

augmented-course

The website for the AUGMENTED AI course.

owasp-summit-2017

Content for OWASP Summit 2017 site

GetTweets

Get a number of your tweets from the Twitter API.

FreeWill_TwoLever_Argument

This is a project aimed to show that Free Will is impossible using Ruby

WorkDay

An ideal (regular) work day.

Dicematch

Determines how many times a given number of dice match each other.

LifeOpt

A repository for life optimizations. Examples include wardrobe, work bag, knives, coffee gear, etc.

Intimate

INTIMATE -- The audience management platform.

MostPoweredBy

Checks to see the most common X-Powered-By headers for the world's most popular websites.

CaliforniaAirQuality

Get the air quality for your area from California's AIrNow website using Ruby and Nokogiri.

Opim

Optimize images in OS X

import-alignment

A library-based attempt to increase our chances for achieving AI Alignment with an emergent AGI.

Restaurants

A list of restaurants I've experienced or want to experience.

BandShuffle

Shuffle some bands, yo.

TeamShuffle

A script to randomly pick the order your team does something.

threshold-site

The website for the Threshold.

mhp

A proof-by-simulation of the Monty Hall problem [Python]

Statraises

A Ruby script that checks to see how many stat checks are needed to raise a stat.