#SecLists

nickbeardednickbearded
2025-05-31

Honestly, 50 tools should be more than enough.
Who really tests all 600+ tools in Kali or the 2,500+ in BlackArch?
I tried... but some BlackArch tools didn’t even run properly...

In BashCore and BashCoreX, every app works.
No duplicates. No junk. Just tools that actually run.

Yes, the ISOs are ~7GB,
but we’ve got Metasploit, Searchsploit, and especially SecLists (which weighs a ton) 🤷🏻‍♂️

2025-03-20

Anyone know if there is a version of the "rockyou" password list where each entry is already hashed with sha256? I'm attacking a toy hashing scheme for a #ctf and it would be useful to have it precomputed.

I'm running a script to compute it now but it would be nice if I could use someone else's hard work

#ctf #seclists

2024-07-09

Does anyone actually use the User-Agent wordlists from SecLists that are grouped by OS/platform? Some of these files only contain a single User-Agent (lol) because apparently LG adds a random string to their UAs. /cc @danielmiessler github.com/danielmiessler/SecL
#wordlists #seclists

2024-06-27

The leaked files from the disclosure seclists.org/fulldisclosure/20 have since been removed from developercommunity.visualstudi. Someone on Reddit (reddit.com/user/TapAppropriate) posted a direct link to a download from azurewebsites.net that's been taken down now too. The #InternetArchive has the files still at:
web.archive.org/web/2024062421

Unfortunately I cannot verify whether those files/the link was the original file or a re-upload. But at least all files within `ICE REPRO.zip/Linker/linkrepro.zip' match the size (in bytes) of the originals as given in the listing on seclists.

The file download from there has the sha256 hash:

d4c1a74f81e5259596466027ebac9f7eb026931c7cef02e5c37d884bbbb7f96f ICE_REPRO.zip

---

In addition, the disclosure notes that the MS symbol server does (STILL ONLINE!) leak the PDB of warbird.dll if requested. A backup has been re-upped here: files.catbox.moe/8iz2qk.pdb

Again, the sha256 hash. This has been matched against the original served by the MS symbol server:

2e8b5e0c17b4a4693ed494444f347f22a2eed15bcade18a5ac25d370011f8aa5 warbird.dll.pdb

---

I provide those hashes just for people to be on the safe side while analyzing the files. Keep in mind that accessing those files may be illegal.

#MSRP #leak #SecLists #Microsoft #WarBird #PlayReady #DRM #PDB #Widevine #PlayFair #Piracy

Sam' 🐧HorlogeSkynet
2024-04-25

Defense in depth -- the way (part 87): shipping more rotten software to billions of unsuspecting customers seclists.org/fulldisclosure/20

n0kovo 🇩🇰​:anarchy:​:comm:​:terminal:​:vegan:​:debian:​:python:​:tor:​:signal:n0kovo@infosec.exchange
2023-03-10

Are you allowed to be proud when your work is included in SecLists? 🥲

#SecLists #pentesting #RedTeam #BugBounty #wordlist #DNS #subdomains #hacking #recon

:hacker_z: :hacker_o: :hacker_d: :hacker_s: :hacker_e: :hacker_c: 0xD :verified:zodmagus@infosec.exchange
2022-12-21

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst