• ​WordList Compendium - personal compilation of wordlists & dictionaries for everything; users, passwords, directories, files, vulnerabilities, fuzzing, injections, wordlists of tools, etc.
  • ​SecLists - a collection of multiple types of lists used during security assessments.

Web content

  • ​Assetnote Wordlists - high quality wordlists for content and subdomain discovery.
    • ​swagger-wordlist.txt - swagger files collected from a number of datasources, including an internet wide scan for the 40+ most common swagger path.
  • ​fuzz.txt - potentially dangerous files.
  • ​leaky-paths - a collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs and etc.