:keyboard: Wordlists, Dictionaries and Other Data Sets for Writing Software Security Test Cases

View on GitHub


        Folder  Name         Description of Contents
apache-struts-folders folders extracted from path names in Apache Struts release packages
burp-word-list word list taken from Burp Proxy attack tool
dirb-list-words file names taken parsed from the dirb wordlists folder
drupal-modules-list Drupal modules list from nselib/data/drupal-modules.lst
drupal-themes-list Drupal themes list from nselib/data/drupal-themes.lst
duckduckgo-bangs-words DuckDuckGo bangs words list via https://duckduckgo.com/bangs_lite.html
phpx-all-words words uniquely parsed from all PHP files in webapp-files
private-word-names words that form private file names after extension appendage
services-word-names list of service names potentially found in a web app
skipfish-word-names words to form files with extensions from skipfish scanner
splunk-public-terms words related to server and browser side web technologies.. the etc/anonymizer/public-terms.txt file from a Splunk install
squidproxy-accesslogs-pathwords words parsed from path names in a Squid proxy access.log
topics-by-domain most popular web topics according to number of domain names via: http://leandomainsearch.s3.amazonaws.com/topics_by_domain_count.txt
various-common-words words that are commonly used to name files in web apps
webapp-words-combined words from all of the above files uniquely combined
wordpress-plugins-list WordPress plugins combined sources from NMap, wp-plugin-checker, dirs3arch, Wordpress-scanner, WP-plugin-scanner, etc.
wordpress-themes-list WordPress themes list from nselib/data/wp-themes.lst
wordpress-timthumbs-paths template strings for paths to WordPress files