Fuzzing / Wordlists

https://twitter.com/Jhaddix/status/1177706552272142337
1. https://twitter.com/NahamSec/status/1177672652011343873
https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d
1. https://twitter.com/Yassineaboukir/status/1189813564053180416
https://twitter.com/soaj1664ashar/status/1189570378961739777
https://twitter.com/s0md3v/status/1190325611215982592
Param Bruteforce -https://twitter.com/HusseiN98D/status/1166759438503620610 - Arjun
Rustbuster - https://twitter.com/michael_eder_/status/1166629786711670784
Check Status Codes - https://github.com/Sy3Omda/dotfiles/blob/master/fetcher.sh
Robots disallowed - https://github.com/danielmiessler/RobotsDisallowed
Content Discovery - https://twitter.com/Alra3ees/status/1208502084246671366 (Also downloaded the same)
https://twitter.com/Random_Robbie/status/1221748816308768770
Dirbuster - When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u - https://twitter.com/i/status/1221792235215151104
PathBrute - https://github.com/milo2012/pathbrute
https://github.com/enciphers/Wordlists
Content_discovery_nullenc0de.txt
https://github.com/pwnwiki/webappurls
Status codes - hakul/hakcrawl - gofetch , statusparser
What are your normal testing steps when you see a 401? - https://twitter.com/nomanAli181/status/1146411693590736896
https://twitter.com/payloadartist/status/1240591694753452032
https://github.com/deibit/cansina - web content discovery
https://twitter.com/_harleo/status/1138883725675192322
https://github.com/phspade/Combined-Wordlists
New dirs to bruteforce -https://twitter.com/nullenc0de/status/1249804904790732802
https://twitter.com/imranparray101/status/1141100671581556736?s=20
Jhaddix -

Tools - Fast web fuzzer written in Go - https://github.com/ffuf/ffuf

When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:

dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u

Any tool to dedupe a list of urls according their parameters? I mean keep only 1 url if it appears several times with same params no matter their values - https://twitter.com/gwendallecoguic/status/1207435306410168322

https://securityjunky.com/ffuf-on-steroids/
https://github.com/assetnote/commonspeak2-wordlists
wordlist by random robbie - https://gist.github.com/random-robbie/0f9d24a7b3c7268ee0c1ecdbe280611b
Subdomain bruteforce list - https://twitter.com/Alra3ees/status/1068079409117188096
FULLL LIST _ https://forum.bugcrowd.com/t/dropping-a-cool-wordlist/9211
Interesting file extensions to look for: - https://twitter.com/s0md3v/status/1271241942576185344
Check out subs_all txt here - https://drive.google.com/file/d/12nABC1GUL7lBsPuzC0pWJrPRzHMHqe8X/view?usp=sharing
Tool - wordlistgen
https://github.com/Bo0oM/fuzz.txt
https://github.com/epi052/feroxbuster
https://github.com/Droidzzzio/EnumerationList
https://github.com/six2dez/OneListForAll

Huge_DIR_wordlist:- https://github.com/emadshanab/Huge_DIR_wordlist

Exploiting:

https://github.com/ayoubfathi/leaky-paths

GitHub - lutfumertceylan/top25-parameter: For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙GitHub

PreviousMobile Security NextBugBounty Short Write-ups

Last updated 3 years ago

Was this helpful?