Fuzzing / Wordlists

1.​https://twitter.com/Jhaddix/status/1177706552272142337​
1.​https://twitter.com/NahamSec/status/1177672652011343873​
2.​https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d 
1.​https://twitter.com/Yassineaboukir/status/1189813564053180416​
3.​https://twitter.com/soaj1664ashar/status/1189570378961739777​
4.​https://twitter.com/s0md3v/status/1190325611215982592​
5.Param Bruteforce -https://twitter.com/HusseiN98D/status/1166759438503620610 - Arjun
6.Rustbuster - https://twitter.com/michael_eder_/status/1166629786711670784​
7.Check Status Codes - https://github.com/Sy3Omda/dotfiles/blob/master/fetcher.sh​
8.Robots disallowed - https://github.com/danielmiessler/RobotsDisallowed​
9.Content Discovery - https://twitter.com/Alra3ees/status/1208502084246671366 (Also downloaded the same)
10.​https://twitter.com/Random_Robbie/status/1221748816308768770​
11.Dirbuster - When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u - https://twitter.com/i/status/1221792235215151104​
12.PathBrute - https://github.com/milo2012/pathbrute​
13.​https://github.com/enciphers/Wordlists​
14.​Content_discovery_nullenc0de.txt​
15.​https://github.com/pwnwiki/webappurls​
16.Status codes - hakul/hakcrawl - gofetch , statusparser
17.What are your normal testing steps when you see a 401? - https://twitter.com/nomanAli181/status/1146411693590736896​
18.​https://twitter.com/payloadartist/status/1240591694753452032​
19.​https://github.com/deibit/cansina - web content discovery
20.​https://twitter.com/_harleo/status/1138883725675192322​
21.​https://github.com/phspade/Combined-Wordlists​
22.New dirs to bruteforce -https://twitter.com/nullenc0de/status/1249804904790732802​
23.​https://twitter.com/imranparray101/status/1141100671581556736?s=20​
24.Jhaddix - 
​
​
​
Tools -  Fast web fuzzer written in Go - https://github.com/ffuf/ffuf​
When you're brute forcing for endpoints, don't forget to add extensions. You can also use this method to discover backup files. Here's a command I use frequently:
dirsearch -e php,asp,aspx,jsp,py,txt,conf,config,bak,backup,swp,old,db,sql -u 
​
​
​
Thread Related -- https://twitter.com/search?q=FFuF&src=typed_query​
Any tool to dedupe a list of urls according their parameters? I mean keep only 1 url if it appears several times with same params no matter their values - https://twitter.com/gwendallecoguic/status/1207435306410168322​
​https://securityjunky.com/ffuf-on-steroids/​
​https://github.com/assetnote/commonspeak2-wordlists​
wordlist by random robbie - https://gist.github.com/random-robbie/0f9d24a7b3c7268ee0c1ecdbe280611b​
Subdomain bruteforce list - https://twitter.com/Alra3ees/status/1068079409117188096​
FULLL LIST _ https://forum.bugcrowd.com/t/dropping-a-cool-wordlist/9211​
Interesting file extensions to look for: - https://twitter.com/s0md3v/status/1271241942576185344​
Check out subs_all txt here - https://drive.google.com/file/d/12nABC1GUL7lBsPuzC0pWJrPRzHMHqe8X/view?usp=sharing​
Tool - wordlistgen
​https://github.com/Bo0oM/fuzz.txt​
​https://github.com/epi052/feroxbuster​
​https://github.com/Droidzzzio/EnumerationList​
​https://github.com/six2dez/OneListForAll​
​https://github.com/BonJarber/SecUtils/tree/master/clean_wordlist​
​https://github.com/gh0stkey/Web-Fuzzing-Box​
​https://github.com/six2dez/OneListForAll​
https://twitter.com/Mah3Sec_/status/1325030700039368709
​
Huge_DIR_wordlist:- https://github.com/emadshanab/Huge_DIR_wordlist​
​
​
Exploiting:
​https://github.com/ayoubfathi/leaky-paths​
GitHub - lutfumertceylan/top25-parameter: For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙
GitHub
​
​
​
Mobile Security
BugBounty Short Write-ups
Last modified 1yr ago