seclists

A collection of all the data i could extract from 1 billion leaked credentials from internet.

Bruteforce database

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

My useful files for penetration tests, security assessments, bug bounty and other security related stuff

Scripts, files, cheatsheets and more used for pentesting and my OSWE / AWAE exam.

To be used with tools like GoBuster & DirBuster but these lists are specifically tailored and designed for scanning phishing <>< landing pages and other malicious or sketch af financial/crypto fraud websites.

Every Hacker's Go to Fuzzing List. Introducing the Ultimate Fuzzing Directory: Your Go-To Resource for Penetration Testers and Bug Bounty Hunters! Unlock the power of comprehensive fuzzing with our meticulously curated Fuzzing Directory, a one-stop solution designed to streamline your penetration testing and bug bounty hunting endeavors.

Analysis of Swedish password usage

Sec-Payloads, It's a collection of multiple types of lists used during security assessments & used for bug bounty hunting or penetration testing, collected in one place. List types include xss, sqli, sensitive data patterns, fuzzing payloads, web shells, and many more.

International Password lists, rainbowtables, fuzz lists, usernames etc..

Curated list of payloads, passwords and shells that I frequently use.

🥬 Leek is a CLI and .NET toolset for detecting breached or weak secrets such as passwords

Random Lists

Small command line utility and helper tool to handle password leakage files.

Fuzzing or fuzz testing is an automated software used to test error handling of a software by providing an invalid,unexpected or random inputs.

osgit is an open-source GitHub OSINT tool for security researchers, bug bounty hunters, and penetration testers. It helps extract subdomains and repository paths from GitHub to generate useful wordlists or fuzzing dictionaries.