six2dez / Onelistforall
Rockyou for web fuzzing
Stars: ✭ 213
Programming Languages
shell
77523 projects
Projects that are alternatives of or similar to Onelistforall
Dirsearch
Web path scanner
Stars: ✭ 7,246 (+3301.88%)
Mutual labels: hacking, pentesting, wordlist, fuzzing, bugbounty
Privesc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (+269.01%)
Mutual labels: hacking, pentesting, bugbounty
Security whitepapers
Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (+202.35%)
Mutual labels: hacking, pentesting, bugbounty
Webmap
A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
Stars: ✭ 188 (-11.74%)
Mutual labels: hacking, pentesting, wordlist
Crithit
Takes a single wordlist item and tests it one by one over a large collection of websites before moving onto the next. Create signatures to cross-check vulnerabilities over multiple hosts.
Stars: ✭ 182 (-14.55%)
Mutual labels: hacking, pentesting, bugbounty
Passphrase Wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+161.03%)
Mutual labels: hacking, pentesting, wordlist
Getjs
A tool to fastly get all javascript sources/files
Stars: ✭ 190 (-10.8%)
Mutual labels: hacking, pentesting, bugbounty
Resources
A Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-70.89%)
Mutual labels: hacking, pentesting, bugbounty
Fdsploit
File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.
Stars: ✭ 199 (-6.57%)
Mutual labels: hacking, pentesting, fuzzing
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (+138.97%)
Mutual labels: hacking, pentesting, bugbounty
Dictionary Of Pentesting
Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
Stars: ✭ 492 (+130.99%)
Mutual labels: pentesting, bugbounty, fuzzing
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+100.47%)
Mutual labels: hacking, pentesting, bugbounty
Quiver
Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.
Stars: ✭ 140 (-34.27%)
Mutual labels: hacking, pentesting, bugbounty
Reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Stars: ✭ 974 (+357.28%)
Mutual labels: hacking, bugbounty, fuzzing
Offensive Docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
Stars: ✭ 328 (+53.99%)
Mutual labels: hacking, pentesting, bugbounty
Pentesting Bible
Learn ethical hacking.Learn about reconnaissance,windows/linux hacking,attacking web technologies,and pen testing wireless networks.Resources for learning malware analysis and reverse engineering.
Stars: ✭ 8,981 (+4116.43%)
Mutual labels: hacking, pentesting, bugbounty
Awesome Mobile Security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
Stars: ✭ 1,837 (+762.44%)
Mutual labels: hacking, pentesting, bugbounty
OneListForAll
Rockyou for web fuzzing
V2 released! Now you can build your own wordlists with the same method and this release includes a short wordlist. Base wordlists provided in /dict folder. See Method 3
V2.3 released! Added custom curated list "onelistforallmicro.txt", almost 10K lines for quick wins and fast enum process. This new wordlist is not created from other sources is handcrafted.
Usage
Method 1
ffuf -c -w onelistforall.txt -u [target.com]/FUZZ
Method 2
- Git clone and extract:
git clone https://github.com/six2dez/OneListForAll && cd OneListForAll
7z x onelistforall.7z.001
- Fuzz with the best tool ffuf :)
ffuf -c -w onelistforall.txt -u [target.com]/FUZZ
Method 3
Build your own wordlists!
-
Add your wordlists to dict/ folder with suffix _short.txt for short wordlist and _long.txt for the full wordlist.
-
Run ./olfa.sh (olfa -> One List For All) and you will have onelistforall.txt file and onelistforallshort.txt.
-
Fuzz with the best tool ffuf :)
ffuf -c -w onelistforall.txt -u [target.com]/FUZZ
Wordlists summary
- onelistforall.txt basically everything, launch it and go to sleep. 6950906 lines, 113M
- onelistforallshort.txt a shortened version, it also contains a lot of things, but in a more affordable way: 396038 lines, 5.6M
- onelistforallmicro.txt almost 10K lines of the best paths you can find, just juicy and important stuff: 9688 lines, 141K
Sources
This is a wordlist for fuzzing purposes made from the best wordlists currently available, lowercased and deduplicated later with duplicut, added cleaner from BonJarber. The lists used have been some selected within these repositories:
- fuzzdb
- SecLists
- xmendez
- minimaxir
- TheRook
- danielmiessler
- swisskyrepo
- 1N3
- cujanovic
- lavalamp
- ics-default
- jeanphorn
- j3ers3
- nyxxxie
- dirbuster
- dotdotpwn
- hackerone_wordlist
- commonspeak2
- bruteforce-list
- assetnote
Feel free to contribute, PR are welcomed.
You can support this work buying me a coffee:
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].