Personal compilation of wordlists & dictionaries for everything. Users, passwords, directories, files, vulnerabilities, fuzzing, injections, etc. In a peculiar order, sorry.

If you want to add more or If you know the authorship of a dictionary, contact me.

Passwords :key:

Users :busts_in_silhouette:

Injections :syringe:

Languages :u5272:

Vendors/Software :label:

Domains/Subdomains :globe_with_meridians:

Others :bookmark_tabs:

Tools :hammer:

  • SQLmap
    • sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.
  • Hashcat
    • World’s fastest and most advanced password recovery utility.
  • Dirb
    • DIRB is a Web Content Scanner. It looks for existing (and/or hidden) Web Objects. It basically works by launching a dictionary based attack against a web server and analyzing the response.
  • Fuzzdb
    • Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
  • DirSearch
    • Web path scanner.
  • Wfuzz
    • Web application fuzzer http://wfuzz.io.
  • Cfuzzer
    • url-fuzzer.
  • Pyfuzz
    • URL fuzzing tool made of Python.
  • CommonSpeak
    • Commonspeak is a wordlist generation tool that leverages public datasets from Google’s BigQuery platform.