SecLists Logo

SecLists

1
Free
2
65,487
08 Sept 2025
16 September 2025
Visit Website

SecLists is a comprehensive collection of security testing lists maintained by Daniel Miessler, Jason Haddix, and g0tmi1k. The repository contains multiple types of lists used during security assessments and penetration testing activities. The collection includes usernames and passwords for credential testing, URLs for web application testing, sensitive data patterns for data discovery, fuzzing payloads for input validation testing, and web shells for post-exploitation activities. The repository serves as a centralized resource for security professionals conducting various types of security assessments. Users can clone the 1.2 GB repository to access all available lists for their testing purposes. The project provides organized collections of data that support different phases of security testing, from reconnaissance to exploitation.

FEATURES

SIMILAR TOOLS

A digital archive of the internet, allowing users to capture and browse archived web pages.

A CVE compliant archive of public exploits and corresponding vulnerable software, and a categorized index of Internet search engine queries designed to uncover sensitive information.

An Azure Function that validates and relays Cobalt Strike beacon traffic based on Malleable C2 profile authentication.

A collection of Python scripts for password spraying attacks against Lync/S4B & OWA, featuring Atomizer, Vaporizer, Aerosol, and Spindrift tools.

BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.

SharpShares efficiently enumerates and maps network shares and resolves names within a domain.

Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.

SharpPrinter enables efficient discovery of network printers for security and management purposes.

PINNED

RoboShadow Logo

A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.

Vulnerability Management
Proton Pass Logo

Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.

Data Protection
NordVPN Logo

NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.

Network Security
Mandos Logo

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
CybersecTools logoCybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved