SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place.

List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, a…

SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place.

List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.

Contents of SecLists

Each section has tonnes of content including the below:

  • Discovery lists (DNS, SNMP, Web content)
  • Fuzzing Payloads (Databases, LFI, SQLi, XSS)
  • Password lists (Common credentials, cracked hashes, honeypot captures, leaked lists)
  • Data Pattern lists
  • Payload files (Zip bombs, flash, images)
  • Username lists (Honeypot captures)
  • Web shells

Install SecLists

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
&& unzip SecList.zip \
&& rm -f SecList.zip

Git (Small)

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone [email protected]:danielmiessler/SecLists.git

You can access all the lists here:

https://github.com/danielmiessler/SecLists

Read the rest of SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells now! Only available at Darknet.

GoBuster – Directory/File & DNS Busting Tool in Go

GoBuster is a Go-based tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (with wildcard support) – essentially a directory/file & DNS busting tool.

The author built YET ANOTHER directory and DNS brute forcing to…

GoBuster – Directory/File & DNS Busting Tool in Go

GoBuster is a Go-based tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (with wildcard support) – essentially a directory/file & DNS busting tool.

The author built YET ANOTHER directory and DNS brute forcing tool because he wanted..

  • … something that didn’t have a fat Java GUI (console FTW).
  • … to build something that just worked on the command line.
  • … something that did not do recursive brute force.

Read the rest of GoBuster – Directory/File & DNS Busting Tool in Go now! Only available at Darknet.

BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy

BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity.

The Backdoor Factory allo…

BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy

BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads (software updates for example) from vendors that don’t validate data integrity.

The Backdoor Factory allows you to patch binaries with shell-code so combining that with mitmproxy, which is a Python proxy-server that can catch HTTP, change traffic on the fly, replay traffic, decode and render primitive data types – gives you BDFProxy.

Read the rest of BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy now! Only available at Darknet.

Domained – Multi Tool Subdomain Enumeration

Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting.

This produces categorized screenshots, server response h…

Domained – Multi Tool Subdomain Enumeration

Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains that are passed to EyeWitness for reporting.

This produces categorized screenshots, server response headers and signature based default credential checking. It is written in Python heavily leveraging Recon-ng.

Domains Subdomain Enumeration Tools Leveraged

Subdomain Enumeraton Tools:

  • Sublist3r
  • enumall
  • Knock
  • Subbrute
  • massdns
  • Recon-ng
  • Amass
  • SubFinder

Reporting + Wordlists:

  • EyeWitness
  • SecList (DNS Recon List)
  • LevelUp All.txt Subdomain List

Domained Subdomain Enumeration Tool Usage

--install/--upgrade Both do the same function – install all prerequisite tools
--vpn Check if you are on VPN (update with your provider)
--quick Use ONLY Amass and SubFinder
--bruteall Bruteforce with JHaddix All.txt List instead of SecList
--fresh Delete old data from output folder
--notify Send Pushover or Gmail Notifications
--active EyeWitness Active Scan
--noeyewitness No Eyewitness
-d The domain you want to preform recon on
-b Bruteforce with subbrute/massdns and SecList wordlist
-s n Only HTTPs domains
-p Add port 8080 for HTTP and 8443 for HTTPS

Subdomain Enumeration Examples

First Steps are to install required Python modules and tools:

sudo pip install -r ./ext/requirements.txt
sudo python domained.py --install

Example 1 – Uses subdomain example.com (Sublist3r (+subbrute), enumall, Knock, Amass, and SubFinder)

python domained.py -d example.com

Example 2: – Uses subdomain example.com with seclist subdomain list bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall, and SubFinder), adds ports 8443/8080 and checks if on VPN

python domained.py -d example.com -b -p --vpn

Example 3: – Uses subdomain example.com with large-all.txt bruteforcing (massdns, subbrute, Sublist3r, Amass, enumall and SubFinder)

python domained.py -d example.com -b --bruteall

Example 4: – Uses subdomain example.com and only Amass and SubFinder

python domained.py -d example.com --quick

Example 5: – Uses subdomain example.com, only Amass and SubFinder and notification

python domained.py -d example.com --quick --notify

Example 6: – Uses subdomain example.com with no EyeWitness

python domained.py -d example.com --noeyewitness

Note: --bruteall must be used with the -b flag

You can download Domained here:

domained-master.zip

Or read more here.

Read the rest of Domained – Multi Tool Subdomain Enumeration now! Only available at Darknet.