SecLists
SecLists copied to clipboard
danielmiessler
Create universally useful combined web discovery wordlists
I think it would be immesely useful if SecLists had a wordlist for web discovery, which contained the unique entries from all other wordlists, sorted by commonness.
I've already done this, and I could submit a pull request to add these to your repository. In the repository I linked, there are two wordlists: one for directories and one for words. They're composed entirely of SecLists' wordlists and have been extremely helpful for hackthebox.
If you're worried about keeping them up to date, then I assume it's possible to create a github pipeline for creating these wordlists automatically.
If you'd accept these combined wordlists into your repo, then I'd try to get AutoRecon to use these as well. People on /r/oscp have been complaining that AutoRecon isn't good enough, when in reality, it just uses too small wordlists by default.
I think this small addition would make it much easier for people to have good web enumeration
Wow! Yeah, these lists are handy. How did you sort them by commonness?
I assumed that the smaller wordlists contained more common entries, so everything from the small wordlists should be at the top of the combined wordlist, and things that are only in the big wordlist should be towards the bottom of the wordlist.
Basically, I just cated the small wordlists first and then later sorted by unique entries
I'll make a github action for it and open a PR, as soon as @heinosasshallik answers my issue on his repo ^^
