SecLists渗透测试人员密码字典表|fuzz|payload|shell

SecLists渗透测试人员密码字典表|fuzz|payload|shell

关于SecLists

SecLists是安全测试人员的伴侣。它是在安全评估期间使用的多种类型列表的集合,这些列表集中在一个地方。列表类型包括用户名,密码,URL,敏感数据模式,模糊有效载荷,Web Shell等。目的是使安全测试人员可以将此存储库拉到新的测试箱中,并可以访问可能需要的每种类型的列表。

SecLists目录列表

SecLists
├─Discovery
│  ├─DNS
│  │      bitquark-subdomains-top100000.txt
│  │      deepmagic.com-prefixes-top500.txt
│  │      deepmagic.com-prefixes-top50000.txt
│  │      dns-Jhaddix.txt
│  │      fierce-hostlist.txt
│  │      namelist.txt
│  │      shubs-stackoverflow.txt
│  │      shubs-subdomains.txt
│  │      sortedcombined-knock-dnsrecon-fierce-reconng.txt
│  │      subdomains-top1million-110000.txt
│  │      subdomains-top1million-20000.txt
│  │      subdomains-top1million-5000.txt
│  │
│  ├─File-System
│  │      OBEX_common.txt
│  │      OBEX_rare.txt
│  │      windows-writable-locations.txt
│  │
│  ├─Infrastructure
│  │      common-http-ports.txt
│  │      common-router-ips.txt
│  │      nmap-ports-top1000.txt
│  │
│  ├─Mainframe
│  │      default_cics_transactions.txt
│  │
│  ├─SNMP
│  │      common-snmp-community-strings-onesixtyone.txt
│  │      common-snmp-community-strings.txt
│  │      snmp-onesixtyone.txt
│  │      snmp.txt
│  │
│  ├─Variables
│  │      secret-keywords.txt
│  │
│  └─Web-Content
│      │  AdobeCQ-AEM.txt
│      │  AdobeXML.fuzz.txt
│      │  Apache.fuzz.txt
│      │  apache.txt
│      │  ApacheTomcat.fuzz.txt
│      │  axis.txt
│      │  big.txt
│      │  burp-parameter-names.txt
│      │  CGI-HTTP-POST-Windows.fuzz.txt
│      │  CGI-HTTP-POST.fuzz.txt
│      │  CGI-Microsoft.fuzz.txt
│      │  CGI-XPlatform.fuzz.txt
│      │  CGIs.txt
│      │  coldfusion.txt
│      │  common-and-dutch.txt
│      │  common-and-french.txt
│      │  common-and-italian.txt
│      │  common-and-portuguese.txt
│      │  common-and-spanish.txt
│      │  common-api-endpoints-mazen160.txt
│      │  Common-DB-Backups.txt
│      │  Common-PHP-Filenames.txt
│      │  common.txt
│      │  CommonBackdoors-ASP.fuzz.txt
│      │  CommonBackdoors-JSP.fuzz.txt
│      │  CommonBackdoors-PHP.fuzz.txt
│      │  CommonBackdoors-PL.fuzz.txt
│      │  confluence-administration.txt
│      │  default-web-root-directory-linux.txt
│      │  default-web-root-directory-windows.txt
│      │  directory-list-1.0.txt
│      │  directory-list-2.3-big.txt
│      │  directory-list-2.3-medium.txt
│      │  directory-list-2.3-small.txt
│      │  directory-list-lowercase-2.3-big.txt
│      │  directory-list-lowercase-2.3-medium.txt
│      │  directory-list-lowercase-2.3-small.txt
│      │  dirsearch.txt
│      │  domino-dirs-coldfusion39.txt
│      │  domino-endpoints-coldfusion39.txt
│      │  FatwireCMS.fuzz.txt
│      │  fnf-fuzz.txt
│      │  Frontpage.fuzz.txt
│      │  frontpage.txt
│      │  golang.txt
│      │  graphql.txt
│      │  hpsmh.txt
│      │  HTTP-POST-Microsoft.fuzz.txt
│      │  Hyperion.fuzz.txt
│      │  hyperion.txt
│      │  IIS.fuzz.txt
│      │  iplanet.txt
│      │  JavaScript-Miners.txt
│      │  JavaServlets-Common.fuzz.txt
│      │  jboss.txt
│      │  Jenkins-Hudson.txt
│      │  JRun.fuzz.txt
│      │  jrun.txt
│      │  KitchensinkDirectories.fuzz.txt
│      │  LinuxFileList.txt
│      │  local-ports.txt
│      │  Logins.fuzz.txt
│      │  LotusNotes.fuzz.txt
│      │  netware.txt
│      │  nginx.txt
│      │  Oracle EBS wordlist.txt
│      │  oracle.txt
│      │  Oracle9i.fuzz.txt
│      │  OracleAppServer.fuzz.txt
│      │  Passwords.fuzz.txt
│      │  PHP.fuzz.txt
│      │  proxy-conf.fuzz.txt
│      │  Public-Source-Repo-Issues.json
│      │  quickhits.txt
│      │  raft-large-directories-lowercase.txt
│      │  raft-large-directories.txt
│      │  raft-large-extensions-lowercase.txt
│      │  raft-large-extensions.txt
│      │  raft-large-files-lowercase.txt
│      │  raft-large-files.txt
│      │  raft-large-words-lowercase.txt
│      │  raft-large-words.txt
│      │  raft-medium-directories-lowercase.txt
│      │  raft-medium-directories.txt
│      │  raft-medium-extensions-lowercase.txt
│      │  raft-medium-extensions.txt
│      │  raft-medium-files-lowercase.txt
│      │  raft-medium-files.txt
│      │  raft-medium-words-lowercase.txt
│      │  raft-medium-words.txt
│      │  raft-small-directories-lowercase.txt
│      │  raft-small-directories.txt
│      │  raft-small-extensions-lowercase.txt
│      │  raft-small-extensions.txt
│      │  raft-small-files-lowercase.txt
│      │  raft-small-files.txt
│      │  raft-small-words-lowercase.txt
│      │  raft-small-words.txt
│      │  Randomfiles.fuzz.txt
│      │  reverse-proxy-inconsistencies.txt
│      │  RobotsDisallowed-Top10.txt
│      │  RobotsDisallowed-Top100.txt
│      │  RobotsDisallowed-Top1000.txt
│      │  RobotsDisallowed-Top500.txt
│      │  ror.txt
│      │  Roundcube-123.txt
│      │  sap.txt
│      │  spring-boot.txt
│      │  SunAppServerGlassfish.fuzz.txt
│      │  sunas.txt
│      │  SuniPlanet.fuzz.txt
│      │  swagger.txt
│      │  tests.txt
│      │  tftp.fuzz.txt
│      │  tomcat.txt
│      │  UnixDotfiles.fuzz.txt
│      │  versioning_metafiles.txt
│      │  Vignette.fuzz.txt
│      │  web-all-content-types.txt
│      │  web-extensions.txt
│      │  web-mutations.txt
│      │  weblogic.txt
│      │  websphere.txt
│      │
│      ├─api
│      │      actions-lowercase.txt
│      │      actions-uppercase.txt
│      │      actions.txt
│      │      api-seen-in-wild.txt
│      │      api_endpoints.txt
│      │      objects-lowercase.txt
│      │      objects-uppercase.txt
│      │      objects.txt
│      │      README.md
│      │
│      ├─BurpSuite-ParamMiner
│      │      lowercase-headers
│      │      uppercase-headers
│      │
│      ├─CMS
│      │      caobox-cms.txt
│      │      ColdFusion.fuzz.txt
│      │      Django.txt
│      │      drupal-themes.fuzz.txt
│      │      Drupal.txt
│      │      flyspray-1.0RC4.txt
│      │      joomla-plugins.fuzz.txt
│      │      joomla-themes.fuzz.txt
│      │      kentico-cms-modules-themes.txt
│      │      modx-revolution-plugins
│      │      php-nuke.fuzz.txt
│      │      piwik-3.0.4.txt
│      │      SAP.fuzz.txt
│      │      Sharepoint.fuzz.txt
│      │      sharepoint.txt
│      │      shopware.txt
│      │      sitecore
│      │      Sitefinity-fuzz.txt
│      │      sitemap-magento.txt
│      │      SiteMinder.fuzz.txt
│      │      symfony-315-demo.txt
│      │      symphony-267-xslt-cms.txt
│      │      Umbraco.fuzz.txt
│      │      Umbraco.txt
│      │      wordpress.fuzz.txt
│      │      wp-plugins.fuzz.txt
│      │      wp-themes.fuzz.txt
│      │
│      ├─Domino-Hunter
│      │      Commands-Documents.txt
│      │      Commands-NSF.txt
│      │      Commands-Views.txt
│      │      dh.pl
│      │      Domino-Files.txt
│      │      LICENCE
│      │
│      ├─SVNDigger
│      │  │  all-dirs.txt
│      │  │  all-extensionless.txt
│      │  │  all.txt
│      │  │  Licence
│      │  │  ReadMe.txt
│      │  │  symfony.txt
│      │  │
│      │  ├─cat
│      │  │  ├─Conf
│      │  │  │      conf.txt
│      │  │  │      config.txt
│      │  │  │      htaccess.txt
│      │  │  │      properties.txt
│      │  │  │
│      │  │  ├─Database
│      │  │  │      inc.txt
│      │  │  │      ini.txt
│      │  │  │      mdb.txt
│      │  │  │      mdf.txt
│      │  │  │      sql.txt
│      │  │  │      xml.txt
│      │  │  │
│      │  │  ├─Language
│      │  │  │      ascx.txt
│      │  │  │      asp.txt
│      │  │  │      aspx.txt
│      │  │  │      c.txt
│      │  │  │      cfm.txt
│      │  │  │      cpp.txt
│      │  │  │      cs.txt
│      │  │  │      css.txt
│      │  │  │      html.txt
│      │  │  │      jar.txt
│      │  │  │      java.txt
│      │  │  │      js.txt
│      │  │  │      jsp.txt
│      │  │  │      jspf.txt
│      │  │  │      php.txt
│      │  │  │      php3.txt
│      │  │  │      php5.txt
│      │  │  │      phpt.txt
│      │  │  │      pl.txt
│      │  │  │      py.txt
│      │  │  │      rb.txt
│      │  │  │      sh.txt
│      │  │  │      swf.txt
│      │  │  │      tpl.txt
│      │  │  │      vb.txt
│      │  │  │      wsdl.txt
│      │  │  │
│      │  │  └─Project
│      │  │          csproj.txt
│      │  │          pdb.txt
│      │  │          resx.txt
│      │  │          sln.txt
│      │  │          suo.txt
│      │  │          vbproj.txt
│      │  │
│      │  └─context
│      │          admin.txt
│      │          debug.txt
│      │          error.txt
│      │          help.txt
│      │          index.txt
│      │          install.txt
│      │          log.txt
│      │          readme.txt
│      │          root.txt
│      │          setup.txt
│      │          test.txt
│      │
│      ├─URLs
│      │      README.md
│      │      urls-Drupal-7.20.txt
│      │      urls-joomla-3.0.3.txt
│      │      urls-SAP.txt
│      │      urls-wordpress-3.3.1.txt
│      │
│      └─Web-Services
│              README.md
│              SOAP-functions.txt
│
├─Fuzzing
│  │  1-4_all_letters_a-z.txt
│  │  3-digits-000-999.txt
│  │  4-digits-0000-9999.txt
│  │  5-digits-00000-99999.txt
│  │  6-digits-000000-999999.txt
│  │  alphanum-case-extra.txt
│  │  alphanum-case.txt
│  │  big-list-of-naughty-strings.txt
│  │  char.txt
│  │  command-injection-commix.txt
│  │  doble-uri-hex.txt
│  │  email-top-100-domains.txt
│  │  extension-test.txt
│  │  extensions-Bo0oM.txt
│  │  extensions-compressed.fuzz.txt
│  │  extensions-most-common.fuzz.txt
│  │  extensions-skipfish.fuzz.txt
│  │  FormatString-Jhaddix.txt
│  │  fuzz-Bo0oM.txt
│  │  FuzzingStrings-SkullSecurity.org.txt
│  │  HTML5sec-Injections-Jhaddix.txt
│  │  http-request-methods.txt
│  │  JSON.Fuzzing.txt
│  │  LDAP-active-directory-attributes.txt
│  │  LDAP-active-directory-classes.txt
│  │  LDAP-openldap-attributes.txt
│  │  LDAP-openldap-classes.txt
│  │  LDAP.Fuzzing.txt
│  │  Metacharacters.fuzzdb.txt
│  │  numeric-fields-only.txt
│  │  special-chars.txt
│  │  SSI-Injection-Jhaddix.txt
│  │  template-engines-expression.txt
│  │  template-engines-special-vars.txt
│  │  Unicode.txt
│  │  UnixAttacks.fuzzdb.txt
│  │  URI-hex.txt
│  │  URI-XSS.fuzzdb.txt
│  │  Windows-Attacks.fuzzdb.txt
│  │  XML-FUZZ.txt
│  │  XSS-Fuzzing
│  │  XXE-Fuzzing.txt
│  │
│  ├─Databases
│  │      db2enumeration.fuzzdb.txt
│  │      MSSQL-Enumeration.fuzzdb.txt
│  │      MSSQL.fuzzdb.txt
│  │      MySQL-Read-Local-Files.fuzzdb.txt
│  │      MySQL-SQLi-Login-Bypass.fuzzdb.txt
│  │      MySQL.fuzzdb.txt
│  │      NoSQL.txt
│  │      Oracle.fuzzdb.txt
│  │      Postgres-Enumeration.fuzzdb.txt
│  │      sqli.auth.bypass.txt
│  │
│  ├─LFI
│  │      LFI-gracefulsecurity-linux.txt
│  │      LFI-gracefulsecurity-windows.txt
│  │      LFI-Jhaddix.txt
│  │      LFI-LFISuite-pathtotest-huge.txt
│  │      LFI-LFISuite-pathtotest.txt
│  │
│  ├─Polyglots
│  │      SQLi-Polyglots.txt
│  │      XSS-innerht-ml.txt
│  │      XSS-Polyglot-Ultimate-0xsobky.txt
│  │      XSS-Polyglots-Dmiessler.txt
│  │      XSS-Polyglots.txt
│  │
│  ├─SQLi
│  │      Generic-BlindSQLi.fuzzdb.txt
│  │      Generic-SQLi.txt
│  │      quick-SQLi.txt
│  │
│  ├─User-Agents
│  │  │  user-agents-whatismybrowserdotcom-large.txt
│  │  │  user-agents-whatismybrowserdotcom-mid.txt
│  │  │  user-agents-whatismybrowserdotcom-small.txt
│  │  │  UserAgents-IE.txt
│  │  │  UserAgents.fuzz.txt
│  │  │
│  │  ├─hardware-type-specific
│  │  │      billboard.txt
│  │  │      car.txt
│  │  │      computer.txt
│  │  │      ebook-reader.txt
│  │  │      game-console.txt
│  │  │      glasses.txt
│  │  │      handheld-game.txt
│  │  │      large-screen.txt
│  │  │      media-player.txt
│  │  │      mobile.txt
│  │  │      music-player.txt
│  │  │      pda.txt
│  │  │      phone.txt
│  │  │      server.txt
│  │  │      tablet.txt
│  │  │      tv.txt
│  │  │
│  │  ├─layout-engine-name
│  │  │      blink.txt
│  │  │      edgehtml.txt
│  │  │      gecko.txt
│  │  │      goanna.txt
│  │  │      khtml.txt
│  │  │      netfront.txt
│  │  │      presto.txt
│  │  │      trident.txt
│  │  │      webkit.txt
│  │  │
│  │  ├─operating-platform
│  │  │      admire.txt
│  │  │      android.txt
│  │  │      aopen-etile-19.txt
│  │  │      blackberry-10.txt
│  │  │      #{雨苁:此处省略4134个列表}-----
│  │  │      zte-z998.txt
│  │  │      zte-z999.txt
│  │  │
│  │  ├─operating-system-name
│  │  │      a-unix-based-os.txt
│  │  │      android.txt
│  │  │      bada.txt
│  │  │      beos.txt
│  │  │      blackberry-os.txt
│  │  │      chromeos.txt
│  │  │      darwin.txt
│  │  │      fire-os.txt
│  │  │      freebsd.txt
│  │  │      haiku.txt
│  │  │      hp-webos.txt
│  │  │      ios.txt
│  │  │      irix.txt
│  │  │      linux.txt
│  │  │      livearea.txt
│  │  │      mac-os-x.txt
│  │  │      mac.txt
│  │  │      macos.txt
│  │  │      openbsd.txt
│  │  │      palmos.txt
│  │  │      rim-tablet-os.txt
│  │  │      sunos.txt
│  │  │      symbian.txt
│  │  │      webos.txt
│  │  │      windows-mobile.txt
│  │  │      windows-phone.txt
│  │  │      windows.txt
│  │  │
│  │  ├─software-name
│  │  │      126-browser.txt
│  │  │      1337browser.txt
│  │  │      1password.txt
│  │  │      200pleasebot.txt
│  │  │      360spider.txt
│  │  │      3b-rooms-web-browser.txt
│  │  │      80legs-web-crawler.txt
│  │  │      a-passion-for-jazz-media-crawler.txt
│  │  │      abacho-crawler.txt
│  │  │      accoona-ai-crawler.txt
│  │  │      accoona-business-crawler.txt
│  │  │      admantx-platform-semantic-analyzer.txt
│  │  │      adobe-air.txt
│  │  │      ahrefs-backlink-research-bot.txt
│  │  │      alertsite-monitoring-bot.txt
│  │  │      alexa-bot.txt
│  │  │      alexa-certification-scanner.txt
│  │  │      alexa-site-audit.txt
│  │  │      alienblue.txt
│  │  │      amaya.txt
│  │  │      amazon-api-gateway.txt
│  │  │      android-browser.txt
│  │  │      anyapex-web-directory-crawler.txt
│  │  │      aol-browser.txt
│  │  │      arachmo-download-manager.txt
│  │  │      arora.txt
│  │  │      avant-browser.txt
│  │  │      avantgo-browser.txt
│  │  │      awesomium.txt
│  │  │      baidu-box-app.txt
│  │  │      baidu-image-spider.txt
│  │  │      baidu-spider.txt
│  │  │      baidu-union-spider.txt
│  │  │      become-com-crawler.txt
│  │  │      beslist-shopping-crawler.txt
│  │  │      bingbot.txt
│  │  │      bingpreview.txt
│  │  │      bit-ly-link-checker.txt
│  │  │      blackberry-browser.txt
│  │  │      blazer.txt
│  │  │      blitzbot-crawler.txt
│  │  │      blue-chrome.txt
│  │  │      boitho-distributed-crawler.txt
│  │  │      bonecho.txt
│  │  │      brave.txt
│  │  │      broadsign-xpress.txt
│  │  │      browsershots-com-cross-browser-tester.txt
│  │  │      camino.txt
│  │  │      careerbot-search-crawler.txt
│  │  │      catchbot.txt
│  │  │      catchpoint-analyser.txt
│  │  │      charlotte.txt
│  │  │      chimera.txt
│  │  │      chrome.txt
│  │  │      chromeplus.txt
│  │  │      chromium.txt
│  │  │      clamav-website-scanner.txt
│  │  │      coda.txt
│  │  │      coder-nut.txt
│  │  │      cometbird.txt
│  │  │      comodo-dragon.txt
│  │  │      comodo-icedragon.txt
│  │  │      content-crawler-spider.txt
│  │  │      converacrawler.txt
│  │  │      coolnovo.txt
│  │  │      cosmos-crawler.txt
│  │  │      covario-spider.txt
│  │  │      curl.txt
│  │  │      dataparksearch-engine.txt
│  │  │      delphi-embedded-web-browser.txt
│  │  │      diffbot-scanner.txt
│  │  │      dillo.txt
│  │  │      discord-bot.txt
│  │  │      discovery-engine-crawler.txt
│  │  │      dlink-backdoor.txt
│  │  │      dolfin.txt
│  │  │      domain-re-animator-bot.txt
│  │  │      domaintools-surveybot.txt
│  │  │      dooble.txt
│  │  │      dorado-wap-browser.txt
│  │  │      dotcom-monitor-bot.txt
│  │  │      dotnetdotcomdotorg-crawler.txt
│  │  │      dragon.txt
│  │  │      duckduckgo-favicons-bot.txt
│  │  │      ea-origin-browser.txt
│  │  │      earthcom-crawler.txt
│  │  │      earthworm.txt
│  │  │      edge.txt
│  │  │      electron-application.txt
│  │  │      elinks.txt
│  │  │      embedded-web-browser.txt
│  │  │      emeraldshield-com-filter.txt
│  │  │      envolk-spider.txt
│  │  │      epiphany.txt
│  │  │      evaliant-impressions-bot.txt
│  │  │      eve-in-game-browser.txt
│  │  │      exalead-crawler.txt
│  │  │      exalead-image-crawler.txt
│  │  │      exb-language-crawler.txt
│  │  │      excel.txt
│  │  │      facebook-app.txt
│  │  │      facebook-bot.txt
│  │  │      fast-enterprise-crawler.txt
│  │  │      fast-fresh-crawler.txt
│  │  │      fennec.txt
│  │  │      findlinks-crawler-bot.txt
│  │  │      firebird.txt
│  │  │      firefox-focus.txt
│  │  │      firefox.txt
│  │  │      flashfire.txt
│  │  │      flock.txt
│  │  │      frontpage.txt
│  │  │      galeon.txt
│  │  │      genieo-bot.txt
│  │  │      gnip-unwindfetchor-crawler.txt
│  │  │      gomezagent.txt
│  │  │      google-app-engine-software.txt
│  │  │      google-earth-pro.txt
│  │  │      google-earth.txt
│  │  │      google-favicon-crawler.txt
│  │  │      google-image-proxy.txt
│  │  │      google-s-media-partners-system-adsense.txt
│  │  │      google-search-app.txt
│  │  │      google-site-verifier-bot.txt
│  │  │      google-snippet-fetcher.txt
│  │  │      google-structured-data-testing-tool.txt
│  │  │      google-weblight-proxy.txt
│  │  │      googlebot-mobile.txt
│  │  │      googlebot.txt
│  │  │      grapeshot-bot.txt
│  │  │      gtmetrix-analyser.txt
│  │  │      httpclient.txt
│  │  │      ibrowser.txt
│  │  │      icab.txt
│  │  │      iceape.txt
│  │  │      iceweasel.txt
│  │  │      internet-archiver-bot.txt
│  │  │      internet-channel.txt
│  │  │      internet-explorer-mobile.txt
│  │  │      internet-explorer.txt
│  │  │      internet-tv-browser.txt
│  │  │      iris.txt
│  │  │      itunes.txt
│  │  │      jakarta-commons-httpclient.txt
│  │  │      java-runtime-environment.txt
│  │  │      javafx-platform.txt
│  │  │      k-meleon.txt
│  │  │      kazehakase.txt
│  │  │      kindle-browser.txt
│  │  │      konqueror.txt
│  │  │      lb-browser.txt
│  │  │      library-for-www-in-perl.txt
│  │  │      light.txt
│  │  │      linkcheck-analyser.txt
│  │  │      links.txt
│  │  │      liquid-mt-browser.txt
│  │  │      lunascape.txt
│  │  │      lynx.txt
│  │  │      majestic-12-distributed-search-bot.txt
│  │  │      maxthon.txt
│  │  │      meanpath-bot.txt
│  │  │      mercury-browser.txt
│  │  │      microsoft-cryptoapi.txt
│  │  │      midori.txt
│  │  │      minefield.txt
│  │  │      mosaic.txt
│  │  │      motorola-internet-browser.txt
│  │  │      msn-bot.txt
│  │  │      msn-media-bot.txt
│  │  │      mvision-player.txt
│  │  │      naenara.txt
│  │  │      netcast.txt
│  │  │      netcraft-web-server-survey.txt
│  │  │      netfront-browser-nx.txt
│  │  │      netfront.txt
│  │  │      netscape-navigator.txt
│  │  │      netsurf.txt
│  │  │      nexplayer.txt
│  │  │      nintendo-browser.txt
│  │  │      nintendo-dsi-browser.txt
│  │  │      nokia-browser.txt
│  │  │      nook-web-browser.txt
│  │  │      nutraspace-search.txt
│  │  │      obigo.txt
│  │  │      office.txt
│  │  │      okhttp.txt
│  │  │      omniweb.txt
│  │  │      onebrowser.txt
│  │  │      onenote.txt
│  │  │      open-webkit-sharp-based-browser.txt
│  │  │      openwave-mobile-browser.txt
│  │  │      opera-mini.txt
│  │  │      opera.txt
│  │  │      orca.txt
│  │  │      outform-digital-display.txt
│  │  │      outlook.txt
│  │  │      ovi.txt
│  │  │      pale-moon.txt
│  │  │      phoenix.txt
│  │  │      pinterest-app.txt
│  │  │      pinterest-bot.txt
│  │  │      playbook-web-browser.txt
│  │  │      playstation-4-browser.txt
│  │  │      powerpoint.txt
│  │  │      pro-engineer-wildfire.txt
│  │  │      proximic-search.txt
│  │  │      puffin.txt
│  │  │      python-urllib.txt
│  │  │      qihoo-360.txt
│  │  │      qq-browser.txt
│  │  │      qqdownload-download-manager.txt
│  │  │      qt-based-browser.txt
│  │  │      qtcarbrowser.txt
│  │  │      qualys-ssl-assessment-scanner.txt
│  │  │      qupzilla.txt
│  │  │      raptr.txt
│  │  │      rekonq.txt
│  │  │      roccat.txt
│  │  │      rockmelt.txt
│  │  │      ruxitsynthetic.txt
│  │  │      safari.txt
│  │  │      safepay.txt
│  │  │      samsung-browser.txt
│  │  │      seamonkey.txt
│  │  │      secondlife.txt
│  │  │      shiretoko.txt
│  │  │      silk.txt
│  │  │      skyfire.txt
│  │  │      slackbot-link-checker.txt
│  │  │      sleipnir.txt
│  │  │      slimbrowser.txt
│  │  │      sogou-explorer.txt
│  │  │      sogou-search-dog.txt
│  │  │      songbird.txt
│  │  │      sony-web-browser.txt
│  │  │      sosospider-search-bot.txt
│  │  │      speedcurve-speed-tester.txt
│  │  │      splash.txt
│  │  │      spraycan.txt
│  │  │      squider-bot.txt
│  │  │      srware-iron.txt
│  │  │      teashark.txt
│  │  │      tencenttraveler.txt
│  │  │      tenfourfox.txt
│  │  │      theworld-browser.txt
│  │  │      thunderbird.txt
│  │  │      topsy-butterfly-robot.txt
│  │  │      tweetmeme-bot.txt
│  │  │      twitter-app.txt
│  │  │      twitterbot.txt
│  │  │      uc-browser.txt
│  │  │      valve-steam-game-overlay.txt
│  │  │      valve-steam-tenfoot-display.txt
│  │  │      vienna.txt
│  │  │      vision-mobile-browser.txt
│  │  │      visual-basic-project.txt
│  │  │      vivaldi.txt
│  │  │      voilabot-beta.txt
│  │  │      voilabot.txt
│  │  │      w3c-css-validator.txt
│  │  │      w3c-link-checker.txt
│  │  │      w3c-validator.txt
│  │  │      w3m.txt
│  │  │      waterfox.txt
│  │  │      webkit-based-browser.txt
│  │  │      weblink-preview.txt
│  │  │      weblink.txt
│  │  │      webos-browser.txt
│  │  │      webpositive.txt
│  │  │      webtv.txt
│  │  │      webview-based-browser.txt
│  │  │      wechat.txt
│  │  │      wget.txt
│  │  │      word.txt
│  │  │      wyzo.txt
│  │  │      yahoo-cache-system.txt
│  │  │      yahoo-slurp-web-crawler-bot.txt
│  │  │      yandex-browser.txt
│  │  │      yandex-search-bot.txt
│  │  │      yodaobot-search-bot.txt
│  │  │
│  │  └─software-type-specific
│  │          analyser.txt
│  │          application.txt
│  │          billboard.txt
│  │          crawler.txt
│  │          download-helper.txt
│  │          in-app-browser.txt
│  │          media-player.txt
│  │          proxy.txt
│  │          security-analyser.txt
│  │          site-monitor.txt
│  │          software-library.txt
│  │          tool.txt
│  │          web-browser.txt
│  │
│  └─XSS
│          XSS-BruteLogic.txt
│          XSS-Bypass-Strings-BruteLogic.txt
│          XSS-Cheat-Sheet-PortSwigger.txt
│          XSS-Jhaddix.txt
│          XSS-OFJAAAH.txt
│          XSS-RSNAKE.txt
│          XSS-Somdev.txt
│          XSS-Vectors-Mario.txt
│          XSS-With-Context-Jhaddix.txt
│          xss-without-parentheses-semi-colons-portswigger.txt
│
├─IOCs
│      kaspersky-careto-C2.txt
│      kaspersky-careto-domains.txt
│      kaspersky-careto-files-no-env-vars.txt
│      kaspersky-careto-files.txt
│      kaspersky-careto-registry.txt
│      README.md
│
├─Miscellaneous
│  │  control-chars.txt
│  │  curl-protocols.txt
│  │  dns-resolvers.txt
│  │  domains-1million-top.txt
│  │  ike-groupid.txt
│  │  lang-english.txt
│  │  lang-french-full.txt
│  │  lang-french-small.txt
│  │  lang-german.txt
│  │  lang-portuguese.txt
│  │  lang-spanish.txt
│  │  pi-large.txt
│  │  schemes.txt
│  │  top-domains-alexa.csv.zip
│  │  top-domains-majestic.csv.zip
│  │  us-cities.txt
│  │  wordlist-skipfish.fuzz.txt
│  │
│  ├─EFF-Dice
│  │      large.txt
│  │      large_words.txt
│  │      README.md
│  │      small_1.txt
│  │      small_1_words.txt
│  │      small_2.txt
│  │      small_2_words.txt
│  │
│  ├─security-question-answers
│  │  │  cities.txt
│  │  │  city-state-country.txt
│  │  │  common-surnames.txt
│  │  │  dates.txt
│  │  │  html-colors.txt
│  │  │  street-names.txt
│  │  │  url-to-download-books.md
│  │  │  zip-codes.txt
│  │  │
│  │  ├─us-colleges
│  │  │      Alabama.txt
│  │  │      Alaska.txt
│  │  │      American.txt
│  │  │      Arizona.txt
│  │  │      Arkansas.txt
│  │  │      Bloomington,.txt
│  │  │      California.txt
│  │  │      Colorado.txt
│  │  │      Connecticut.txt
│  │  │      Delaware.txt
│  │  │      District.txt
│  │  │      Federated.txt
│  │  │      Florida.txt
│  │  │      Georgia.txt
│  │  │      Guam.txt
│  │  │      Honolulu,.txt
│  │  │      Idaho.txt
│  │  │      Illinois.txt
│  │  │      Indiana.txt
│  │  │      Iowa.txt
│  │  │      Kansas.txt
│  │  │      Kentucky.txt
│  │  │      Las.txt
│  │  │      Louisiana.txt
│  │  │      Maine.txt
│  │  │      Marshall.txt
│  │  │      Maryland.txt
│  │  │      Massachusetts.txt
│  │  │      Mississippi.txt
│  │  │      Missouri.txt
│  │  │      Montana.txt
│  │  │      Nebraska.txt
│  │  │      New.txt
│  │  │      North.txt
│  │  │      Northern.txt
│  │  │      Ohio.txt
│  │  │      Oklahoma.txt
│  │  │      Oregon.txt
│  │  │      Palau.txt
│  │  │      Pennsylvania.txt
│  │  │      Provo,.txt
│  │  │      Puerto.txt
│  │  │      Rhode.txt
│  │  │      South.txt
│  │  │      Southfield,.txt
│  │  │      Tennessee.txt
│  │  │      Texas.txt
│  │  │      Vermont.txt
│  │  │      Virgin.txt
│  │  │      Virginia.txt
│  │  │      Washington.txt
│  │  │      West.txt
│  │  │      Wisconsin.txt
│  │  │      Wyoming.txt
│  │  │
│  │  ├─us-private-schools
│  │  │      Alabama-school.txt
│  │  │      Alaska-school.txt
│  │  │      Arizona-school.txt
│  │  │      Arkansas-school.txt
│  │  │      California-school.txt
│  │  │      Colorado-school.txt
│  │  │      Connecticut-school.txt
│  │  │      Delaware-school.txt
│  │  │      Florida-school.txt
│  │  │      Georgia-school.txt
│  │  │      Hawaii-school.txt
│  │  │      Idaho-school.txt
│  │  │      Illinois-school.txt
│  │  │      Indiana-school.txt
│  │  │      Iowa-school.txt
│  │  │      Kansas-school.txt
│  │  │      Kentucky-school.txt
│  │  │      Louisiana-school.txt
│  │  │      Maine-school.txt
│  │  │      Maryland-school.txt
│  │  │      Massachusetts-school.txt
│  │  │      Michigan-school.txt
│  │  │      Minnesota-school.txt
│  │  │      Missouri-school.txt
│  │  │      Montana-school.txt
│  │  │      Nebraska-school.txt
│  │  │      Nevada-school.txt
│  │  │      New-Hampshire-school.txt
│  │  │      New-Jersey-school.txt
│  │  │      New-Mexico-school.txt
│  │  │      New-York-school.txt
│  │  │      North-Carolina-school.txt
│  │  │      North-Dakota-school.txt
│  │  │      Ohio-school.txt
│  │  │      Oklahoma-school.txt
│  │  │      Oregon-school.txt
│  │  │      Pennslyvania-school.txt
│  │  │      Rhode-Island-school.txt
│  │  │      South-Carolina-school.txt
│  │  │      South-Dakota-school.txt
│  │  │      Tennessee-school.txt
│  │  │      Texas-school.txt
│  │  │      Utah-school.txt
│  │  │      Vermont-school.txt
│  │  │      Virginia-school.txt
│  │  │      Washington-DC-school.txt
│  │  │      Washington-school.txt
│  │  │      West-Virginia-school.txt
│  │  │      Wisconsin-school.txt
│  │  │      Wyoming-school.txt
│  │  │
│  │  └─us-public-schools
│  │          Alabama-school.txt
│  │          Alaska-school.txt
│  │          American-Samoa-school.txt
│  │          Arizona-school.txt
│  │          Arkansas-school.txt
│  │          Bureau-of-Indian-Affairs-school.txt
│  │          California-school.txt
│  │          Colorado-school.txt
│  │          Connecticut-school.txt
│  │          Delaware-school.txt
│  │          District-of-Columbia-school.txt
│  │          Florida-school.txt
│  │          Georgia-school.txt
│  │          Guam-school.txt
│  │          Hawaii-school.txt
│  │          Idaho-school.txt
│  │          Illinois-school.txt
│  │          Indiana-school.txt
│  │          Iowa-school.txt
│  │          Kansas-school.txt
│  │          Kentucky-school.txt
│  │          Louisiana-school.txt
│  │          Maine-school.txt
│  │          Maryland-school.txt
│  │          Massachusetts-school.txt
│  │          Michigan-school.txt
│  │          Minnesota-school.txt
│  │          Mississippi-school.txt
│  │          Missouri-school.txt
│  │          Montana-school.txt
│  │          Nebraska-school.txt
│  │          Nevada-school.txt
│  │          New-Hampshire-school.txt
│  │          New-Jersey-school.txt
│  │          New-Mexico-school.txt
│  │          New-York-school.txt
│  │          North-Carolina-school.txt
│  │          North-Dakota-school.txt
│  │          Ohio-school.txt
│  │          Oklahoma-school.txt
│  │          Oregon-school.txt
│  │          Other-school.txt
│  │          Pennsylvania-school.txt
│  │          Puerto-Rico-school.txt
│  │          Rhode-Island-school.txt
│  │          South-Carolina-school.txt
│  │          South-Dakota-school.txt
│  │          Tennessee-school.txt
│  │          Texas-school.txt
│  │          Utah-school.txt
│  │          Vermont-school.txt
│  │          Virgin-Islands-school.txt
│  │          Virginia-school.txt
│  │          Washington-school.txt
│  │          West-Virginia-school.txt
│  │          Wisconsin-school.txt
│  │          Wyoming-school.txt
│  │
│  └─web
│      │  content-type.txt
│      │  html-attributes.txt
│      │  html-events.txt
│      │  html-tags.txt
│      │  keyhacks-api.md
│      │  session-id.txt
│      │
│      └─http-request-headers
│              http-request-headers-common-ip-address.txt
│              http-request-headers-common-non-standard-examples.txt
│              http-request-headers-common-non-standard-fields.txt
│              http-request-headers-common-standard-examples.txt
│              http-request-headers-common-standard-fields.txt
│              http-request-headers-fields-large.txt
│
├─Passwords
│  │  2020-200_most_used_passwords.txt
│  │  bt4-password.txt
│  │  cirt-default-passwords.txt
│  │  clarkson-university-82.txt
│  │  darkc0de.txt
│  │  darkweb2017-top10.txt
│  │  darkweb2017-top100.txt
│  │  darkweb2017-top1000.txt
│  │  darkweb2017-top10000.txt
│  │  der-postillon.txt
│  │  dutch_common_wordlist.txt
│  │  dutch_passwordlist.txt
│  │  dutch_wordlist
│  │  german_misc.txt
│  │  Keyboard-Combinations.txt
│  │  Most-Popular-Letter-Passes.txt
│  │  mssql-passwords-nansh0u-guardicore.txt
│  │  openwall.net-all.txt
│  │  PHP-Magic-Hashes.txt
│  │  probable-v2-top12000.txt
│  │  probable-v2-top1575.txt
│  │  probable-v2-top207.txt
│  │  README.md
│  │  richelieu-french-top20000.txt
│  │  richelieu-french-top5000.txt
│  │  SCRABBLE-hackerhouse.tgz
│  │  stupid-ones-in-production.txt
│  │  twitter-banned.txt
│  │  unkown-azul.txt
│  │  url-to-download-passwords.md
│  │  UserPassCombo-Jay.txt
│  │  xato-net-10-million-passwords-10.txt
│  │  xato-net-10-million-passwords-100.txt
│  │  xato-net-10-million-passwords-1000.txt
│  │  xato-net-10-million-passwords-10000.txt
│  │  xato-net-10-million-passwords-100000.txt
│  │  xato-net-10-million-passwords-1000000.txt
│  │  xato-net-10-million-passwords-dup.txt
│  │  xato-net-10-million-passwords.txt
│  │
│  ├─BiblePass
│  │      BiblePass_part01.txt
│  │      BiblePass_part02.txt
│  │      BiblePass_part03.txt
│  │      BiblePass_part04.txt
│  │      BiblePass_part05.txt
│  │      BiblePass_part06.txt
│  │      BiblePass_part07.txt
│  │      BiblePass_part08.txt
│  │      BiblePass_part09.txt
│  │      BiblePass_part10.txt
│  │      BiblePass_part11.txt
│  │      BiblePass_part12.txt
│  │      BiblePass_part13.txt
│  │      BiblePass_part14.txt
│  │      BiblePass_part15.txt
│  │      BiblePass_part16.txt
│  │      BiblePass_part17.txt
│  │
│  ├─Common-Credentials
│  │      10-million-password-list-top-100.txt
│  │      10-million-password-list-top-1000.txt
│  │      10-million-password-list-top-10000.txt
│  │      10-million-password-list-top-100000.txt
│  │      10-million-password-list-top-1000000.txt
│  │      10-million-password-list-top-500.txt
│  │      100k-most-used-passwords-NCSC.txt
│  │      10k-most-common.txt
│  │      500-worst-passwords.txt
│  │      best1050.txt
│  │      best110.txt
│  │      best15.txt
│  │      common-passwords-win.txt
│  │      four-digit-pin-codes-sorted-by-frequency-withcount.csv
│  │      medical-devices.txt
│  │      SplashData-2014.txt
│  │      SplashData-2015-1.txt
│  │      SplashData-2015-2.txt
│  │      top-20-common-SSH-passwords.txt
│  │      top-passwords-shortlist.txt
│  │      worst-passwords-2017-top100-slashdata.txt
│  │
│  ├─Cracked-Hashes
│  │      milw0rm-dictionary.txt
│  │
│  ├─Default-Credentials
│  │      db2-betterdefaultpasslist.txt
│  │      default-passwords.csv
│  │      ftp-betterdefaultpasslist.txt
│  │      mssql-betterdefaultpasslist.txt
│  │      mysql-betterdefaultpasslist.txt
│  │      oracle-betterdefaultpasslist.txt
│  │      oracle-ebs-passwordlist.txt
│  │      oracle-ebs-userlist.txt
│  │      postgres-betterdefaultpasslist.txt
│  │      scada-pass.csv
│  │      ssh-betterdefaultpasslist.txt
│  │      telnet-betterdefaultpasslist.txt
│  │      telnet-phenoelit.txt
│  │      tomcat-betterdefaultpasslist.txt
│  │      vnc-betterdefaultpasslist.txt
│  │      windows-betterdefaultpasslist.txt
│  │
│  ├─Honeypot-Captures
│  │      multiplesources-passwords-fabian-fingerle.de.txt
│  │      python-heralding-sep2019.txt
│  │      Sucuri-Top-Wordpress-Passwords.txt
│  │      wordpress-attacks-july2014.txt
│  │
│  ├─Leaked-Databases
│  │      000webhost.txt
│  │      adobe100.txt
│  │      alleged-gmail-passwords.txt
│  │      Ashley-Madison.txt
│  │      bible-withcount.txt
│  │      bible.txt
│  │      carders.cc.txt
│  │      elitehacker-withcount.txt
│  │      elitehacker.txt
│  │      faithwriters-withcount.txt
│  │      faithwriters.txt
│  │      hak5-withcount.txt
│  │      hak5.txt
│  │      honeynet-withcount.txt
│  │      honeynet.txt
│  │      honeynet2.txt
│  │      hotmail.txt
│  │      izmy.txt
│  │      Lizard-Squad.txt
│  │      md5decryptor-uk.txt
│  │      muslimMatch-withcount.txt
│  │      muslimMatch.txt
│  │      myspace-withcount.txt
│  │      myspace.txt
│  │      NordVPN.txt
│  │      phpbb-cleaned-up.txt
│  │      phpbb-withcount.txt
│  │      phpbb.txt
│  │      porn-unknown-withcount.txt
│  │      porn-unknown.txt
│  │      rockyou-05.txt
│  │      rockyou-10.txt
│  │      rockyou-15.txt
│  │      rockyou-20.txt
│  │      rockyou-25.txt
│  │      rockyou-30.txt
│  │      rockyou-35.txt
│  │      rockyou-40.txt
│  │      rockyou-45.txt
│  │      rockyou-50.txt
│  │      rockyou-55.txt
│  │      rockyou-60.txt
│  │      rockyou-65.txt
│  │      rockyou-70.txt
│  │      rockyou-75.txt
│  │      rockyou-withcount.txt.tar.gz
│  │      rockyou.txt.tar.gz
│  │      singles.org-withcount.txt
│  │      singles.org.txt
│  │      tuscl.txt
│  │      youporn2012-raw.txt
│  │      youporn2012.txt
│  │
│  ├─Malware
│  │      conficker.txt
│  │      mirai-botnet.txt
│  │
│  ├─Permutations
│  │      1337speak.txt
│  │      korelogic-password.txt
│  │      password-permutations.txt
│  │
│  ├─Software
│  │      cain-and-abel.txt
│  │      john-the-ripper.txt
│  │
│  └─WiFi-WPA
│          probable-v2-wpa-top447.txt
│          probable-v2-wpa-top4800.txt
│          probable-v2-wpa-top62.txt
│
├─Pattern-Matching
│  │  dangerous-functions-angular.txt
│  │  errors.txt
│  │  grepstrings-auditing-php.md
│  │  grepstrings-basic.txt
│  │  malicious.txt
│  │  pcap-strings.txt
│  │  php-magic-hashes-whitehatsec.txt
│  │  README.md
│  │  repo-scan.txt
│  │  thickclient-basic.txt
│  │
│  └─Source-Code-(PHP)
│          php-auditing.txt
│
├─Payloads
│  │  README.md
│  │
│  ├─Anti-Virus
│  │      eicar-com.txt
│  │
│  ├─File-Names
│  │  ├─exec
│  │  │      Hello$(hostname)World.txt
│  │  │      Hello`hostname`World.txt
│  │  │
│  │  ├─max-length
│  │  │      make-255.sh
│  │  │
│  │  ├─null-byte
│  │  │      Hello%00World.txt
│  │  │      Hello.php%00World.txt
│  │  │
│  │  └─traversal
│  │          ..;
│  │          ..;_
│  │          .._;
│  │          ..__..__;
│  │          ..__;
│  │          .;
│  │          .;_
│  │          ._.._
│  │          ._.._;
│  │          ._;
│  │          ;
│  │          ;_
│  │          _.._;
│  │          _;
│  │          __..__;
│  │
│  ├─Flash
│  │      xssproject.swf
│  │
│  ├─Images
│  │      lottapixel.jpg
│  │      uber.gif
│  │
│  ├─PHPInfo
│  │      make-aio.sh
│  │      phpinfo-aio.tar
│  │      phpinfo-aio.zip
│  │      phpinfo-metadata.gif
│  │      phpinfo-metadata.jpg
│  │      phpinfo-shortsyntax.php
│  │      phpinfo.''gif
│  │      phpinfo.'gif
│  │      phpinfo.jpg.php
│  │      phpinfo.php
│  │      phpinfo.php-1.gif
│  │      phpinfo.php-2.gif
│  │      phpinfo.php.''gif
│  │      phpinfo.php.'gif
│  │      phpinfo.php._gif
│  │      phpinfo.php.__gif
│  │      phpinfo.php3
│  │      phpinfo.php4
│  │      phpinfo.php5
│  │      phpinfo.php7
│  │      phpinfo.php;.txt
│  │      phpinfo.phpt
│  │      phpinfo.pht
│  │      phpinfo.phtml
│  │      phpinfo.txt
│  │      phpinfo._gif
│  │      phpinfo.__gif
│  │
│  ├─Zip-Bombs
│  │      338.zip
│  │      42-password-42.zip
│  │      42-passwordless.zip
│  │      droste.zip
│  │      r.gz
│  │      r.tar.gz
│  │      r.zip
│  │      zblg.zip
│  │      zbsm.zip
│  │      zbxl.zip
│  │      zip-bomb.zip
│  │
│  └─Zip-Traversal
│          depth-00.zip
│          depth-01.zip
│          depth-02.zip
│          depth-03.zip
│          depth-04.zip
│          depth-05.zip
│          depth-06.zip
│          depth-07.zip
│          depth-08.zip
│          depth-09.zip
│          depth-10.zip
│          index.php
│          make.py
│
├─Usernames
│  │  cirt-default-usernames.txt
│  │  CommonAdminBase64.txt
│  │  mssql-usernames-nansh0u-guardicore.txt
│  │  README.md
│  │  sap-default-usernames.txt
│  │  top-usernames-shortlist.txt
│  │  xato-net-10-million-usernames-dup.txt
│  │  xato-net-10-million-usernames.txt
│  │
│  ├─Honeypot-Captures
│  │      multiplesources-users-fabian-fingerle.de.txt
│  │
│  └─Names
│          familynames-usa-top1000.txt
│          femalenames-usa-top1000.txt
│          malenames-usa-top1000.txt
│          names.txt
│
└─Web-Shells
    │  backdoor_list.txt
    │
    ├─CFM
    │      shell.cfm.html
    │
    ├─FuzzDB
    │      cmd-simple.php
    │      cmd.aspx
    │      cmd.jsp
    │      cmd.php
    │      cmd.sh
    │      list.jsp
    │      list.php
    │      list.sh
    │      nc.exe
    │      reverse.jsp
    │      up.php
    │      up.sh
    │
    ├─JSP
    │      simple-shell.jsp
    │
    ├─laudanum-0.8
    │  │  CREDITS
    │  │  GPL
    │  │  README
    │  │
    │  ├─asp
    │  │      dns.asp
    │  │      file.asp
    │  │      proxy.asp
    │  │      shell.asp
    │  │
    │  ├─aspx
    │  │      dns.aspx
    │  │      file.aspx
    │  │      shell.aspx
    │  │
    │  ├─cfm
    │  │      shell.cfm
    │  │
    │  ├─jsp
    │  │  │  cmd.war
    │  │  │  makewar.sh
    │  │  │
    │  │  └─warfiles
    │  │      │  cmd.jsp
    │  │      │
    │  │      ├─META-INF
    │  │      │      MANIFEST.MF
    │  │      │
    │  │      └─WEB-INF
    │  │              web.xml
    │  │
    │  └─php
    │          dns.php
    │          file.php
    │          php-reverse-shell.php
    │          proxy.php
    │          shell.php
    │
    ├─Magento
    │      newadmin-Inchoo.php
    │      newadmin-KINKCreative.php
    │
    ├─PHP
    │      obfuscated-phpshell.php
    │
    └─WordPress
            bypass-login.php
            plugin-shell.php

SecLists大小

密码字典压缩包为477M
解压后为1.43G

SecLists部分文件截图

DNS爆破密码字典列表示例

nmap top1000开放端口

机密关键字列表

ConsumerKey
ConsumerSecret
DB_USERNAME
HEROKU_API_KEY
HOMEBREW_GITHUB_API_TOKEN
JEKYLL_GITHUB_TOKEN
PT_TOKEN
SESSION_TOKEN
SF_USERNAME
SLACK_BOT_TOKEN
access-token
access_token
access_token_secret
accesstoken
admin
api-key
api_key
api_secret_key
api_token
auth_token
authkey
authorization
authorization_key
authorization_token
authtoken
aws_access_key_id
aws_secret_access_key
bearer
bot_access_token
bucket
client-secret
client_id
client_key
client_secret
clientsecret
consumer_key
consumer_secret
dbpasswd
email
encryption-key
encryption_key
encryptionkey
id_dsa
irc_pass
key
oauth_token
pass
password
private_key
private-key
privatekey
secret
secret-key
secret_key
secret_token
secretkey
secretkey
session_key
session_secret
slack_api_token
slack_secret_token
slack_token
ssh-key
ssh_key
sshkey
token
username
xoxa-2
xoxr

json fuzz 密码字典列表

默认密码字典列表

后门列表

下载:

①迅雷网盘:pan.xunlei.com/ 提取码:yj4v
②GitHub: codeload.github.com/
解压密码: www.ddosi.com

压缩包

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
  && unzip SecList.zip \
  && rm -f SecList.zip

Git(小)

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

Git(完整)

git clone https://github.com/danielmiessler/SecLists.git

Kali Linux工具页

apt -y install seclists