Home / Password Attacks / SecLists | Penetration Testing Tools

SecLists | Penetration Testing Tools

SecLists Package Description

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repo onto a new testing box and have access to every type of list that may be needed.

SecLists Usage Example

root@kali:~# ls -lh /usr/share/seclists/
total 40K
drwxr-xr-x  6 root root 4.0K Mar 23 09:56 Discovery
drwxr-xr-x  3 root root 4.0K Mar 23 09:56 Fuzzing
drwxr-xr-x  2 root root 4.0K Mar 23 09:56 IOCs
drwxr-xr-x  2 root root 4.0K Mar 23 09:56 Miscellaneous
drwxr-xr-x 11 root root 4.0K Mar 23 09:56 Passwords
drwxr-xr-x  2 root root 4.0K Mar 23 09:56 Pattern-Matching
drwxr-xr-x  7 root root 4.0K Mar 23 09:56 Payloads
-rwxr-xr-x  1 root root 3.5K Mar  7 16:02 README.md
drwxr-xr-x  4 root root 4.0K Mar 23 09:56 Usernames
drwxr-xr-x  7 root root 4.0K Mar 23 09:56 Web-Shells
root@kali:~#
root@kali:~# tree -d /usr/share/seclists/
/usr/share/seclists/
├── Discovery
│   ├── DNS
│   ├── Infrastructure
│   ├── SNMP
│   └── Web-Content
│       ├── CMS
│       ├── SVNDigger
│       │   ├── cat
│       │   │   ├── Conf
│       │   │   ├── Database
│       │   │   ├── Language
│       │   │   └── Project
│       │   └── context
│       ├── URLs
│       └── Web-Services
├── Fuzzing
│   └── Polyglots
├── IOCs
├── Miscellaneous
├── Passwords
│   ├── Common-Credentials
│   ├── Cracked-Hashes
│   ├── Default-Credentials
│   ├── Honeypot-Captures
│   ├── Leaked-Databases
│   ├── Malware
│   ├── Permutations
│   ├── Software
│   └── WiFi-WPA
├── Pattern-Matching
├── Payloads
│   ├── Anti-Virus
│   ├── File-Names
│   ├── Images
│   ├── PHPInfo
│   └── Zip-Bombs
├── Usernames
│   ├── Honeypot-Captures
│   └── Names
└── Web-Shells
    ├── FuzzDB
    ├── JSP
    ├── laudanum-0.8
    │   ├── asp
    │   ├── aspx
    │   ├── cfm
    │   ├── jsp
    │   │   └── warfiles
    │   │       ├── META-INF
    │   │       └── WEB-INF
    │   └── php
    ├── PHP
    └── WordPress

53 directories
root@kali:~#

Source: https://github.com/danielmiessler/SecLists

SecLists Homepage | SecLists GitHub | Kali SecLists Repo

  • Author: Daniel Miessler & Jason Haddix
  • License: MIT

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.