SecLists is a github-based collection of multiple types of lists that can be used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more. The idea is that when preparing to test from a given system one can simply pull this repository and instantly have all the lists you'll need for finding sensitive data, fuzzing, breaking authentication, simulating whitebox testing for common frameworks, etc.
If you have any ideas for things we should include, please send them to email@example.com. Also note that any lists that have been meticulously assembled by someone else will only be used with permission of the creator. This project is maintained by Daniel Miessler and Jason Haddix.
Download as zip file