Welcome to the Bug Hunter's Wordlists repository! ππ This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.
In the realm of ethical hacking and cybersecurity, wordlists are indispensable tools that aid researchers in finding hidden vulnerabilities, exposed paths, sensitive information, and potential attack vectors. This repository is established with the goal of bringing together an extensive assortment of wordlists, simplifying the process of reconnaissance, identification, and exploitation of security weaknesses.
Explore an array of meticulously curated wordlists designed to cater to diverse aspects of security testing. The repository includes the following wordlists:
10-million-password-list-top-1000000.txt: Wordlist of 10 Million Passwords
403_header_payloads.txt: Wordlist for 403 Header Bypass Techniques
403_url_payloads.txt: Wordlist for 403 URL Bypass Strategies
6-digits-000000-999999.txt: Comprehensive Collection of 6-Digit Number Combinations
admin.txt: Wordlist for Uncovering Internal Admin Panels
adminer.txt: Adminer-Specific Wordlist for Identifying Admin Interfaces
all-files-leaked.txt: Wordlist Encompassing Paths of Leaked Files
all-gitdorks.txt: Aggregated List of All Git Dorks for Git Repository Enumeration
all_fuzz.txt: Comprehensive Fuzzing Wordlist
allgoogle.txt: Comprehensive Google Dorking Wordlist
android_all_permissions.txt: Android Permissions Wordlist
antivirus_names.txt: List of Antivirus Software Names
api-actions.txt: API Actions Wordlist
api-objects.txt: API Objects Wordlist
api.txt: Comprehensive List of APIs Wordlist
api_seen_in_wild.txt: Deduct X values
asp_files_only.txt: ASP Files without Path Wordlist
asp_files_with_path.txt: ASP Path with Wordlists
backup_files_only.txt: Updated Backup Files Only
backup_files_with_path.txt: Backup Files with Path
cgi-bin.txt: CGI-BIN Wordlist
cgi-files.txt: CGI Files Wordlist
config.txt: Config Wordlist
css_all_properties.txt: CSS Properties Wordlist
cve-paths.txt: CVE Paths Wordlist
directory_only_one.small.txt: Directory traversal up to one
dll_files.txt: DLL Files Wordlist
dotfiles.txt: Dot Files Wordlist
ec2.txt: EC2 Wordlist
env.txt: ENV Wordlist
extensions.txt: All Extensions Wordlist
fuzz.txt: Content Fuzzing Wordlist
git_config.txt: Git Config Wordlist
google.txt: Limited Google Dorking Wordlist
htaccess: Htaccess Wordlist
jsp_files_only.txt: JSP Files without Path
juicy-paths.txt: Juicy Paths Wordlist
jwt-secrets.txt: JWT Secrets by Wallarm
k8s.txt: Adding Auth02
keys.txt: Keys Wordlist
leaky-misconfigs.txt: Leaked Misconfiguration Wordlist
log.txt: Logs Wordlist
log4j_payloads.txt: Log4j Payloads
ngnix.txt: Nginx Directory Wordlist
npmrc.txt: NPMRC Wordlist
open-redirects.txt: Open Redirect Payloads Wordlist
perl-files.txt: Perl Files Wordlist
php_files_only.txt: PHP Files without Path
php_files_with_path.txt: PHP Files with Path
phpmyadmin.txt: PHP My Admin Wordlist
phpunit.txt: PHP Unit Wordlist
properties-files.txt: Properties File Wordlist
shodan-dorks.txt: Shodan Dorks by Lothos612
sql.txt: SQL Wordlist
sqli-google-dorks.txt: SQLi Google Dorks by iGotRootSRC
sqli_blind_time-based.txt: SQL Blind Time-Based
tomcat.txt: Apache Tomcat Directory Wordlist
top-10k-web-directories_from_10M_urlteam_links.txt: Directory Bruteforcing Wordlist 1
user_field_names.txt: Usernames Wordlist
webconfig.txt: Web Config Wordlist
windows-lfi.txt: Windows LFI Wordlist
wordpress-random.txt: Random WordPress Wordlist
wp-content.txt: WordPress Content Wordlist
wp-plugins.txt: WordPress Plugins
xss_payload.txt: Adding XSS Payloads
yaml.txt: List of YAML-related terms and patterns.
The Bug Hunter's Wordlists Repository thrives on community involvement. You are encouraged to contribute to this repository by:
- Forking: Fork the repository to your GitHub account.
- Adding: Add new wordlists or enhance existing ones with valuable entries.
- Pull Request: Submit a pull request detailing your changes.
- All contributions, whether they include new wordlists, updates, or improvements, are immensely appreciated and contribute to the collective security knowledge.
- It is crucial to emphasize that this repository is intended solely for educational and research purposes. The wordlists provided here should be employed responsibly and only on systems for which you possess explicit authorization. Unauthorized use is strongly discouraged and could lead to legal consequences.
- If you find value in these free wordlists and tools, consider showing your appreciation by buying me a coffee. Your support helps keep this project going and enables the continuous improvement of these resources.
