Application Security Cheat Sheet

Wordlists

Credentials

Default Credentials Cheat Sheet - one place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password.
PWDB - New generation of Password Mass-Analysis - a collection of all the data extracted from 1 billion credential leaks from the Internet.

Universal

WordList Compendium - personal compilation of wordlists & dictionaries for everything; users, passwords, directories, files, vulnerabilities, fuzzing, injections, wordlists of tools, etc.
SecLists - a collection of multiple types of lists used during security assessments.

Web content

Assetnote Wordlists - high quality wordlists for content and subdomain discovery.
- swagger-wordlist.txt - swagger files collected from a number of datasources, including an internet wide scan for the 40+ most common swagger path.
fuzz.txt - potentially dangerous files.
leaky-paths - a collection of special paths linked to major web CVEs, known misconfigurations, juicy APIs and etc.

PreviousPayloads NextResearching

Last updated 2 years ago