Skip to content

Latest commit

 

History

History
35 lines (33 loc) · 3.62 KB

CONTRIBUTORS.md

File metadata and controls

35 lines (33 loc) · 3.62 KB

Thanks

  • Adam Muntner (@amuntner) and for the FuzzDB content, including all authors from the FuzzDB project (https://github.com/fuzzdb-project/fuzzdb) [./Fuzzing/*.fuzzdb.txt]
  • Ron Bowes (@iagox86) of SkullSecurity for collaborating and including all his lists here (https://wiki.skullsecurity.org/Passwords)
  • Clarkson University for their research that led to the Clarkson password list [./Passwords/clarkson-university-82.txt]
  • All the authors listed in the XSS with context doc, which was found on pastebin and added to by us
  • Ferruh Mavitina for the beginnings of the LFI Fuzz list
  • Kevin Johnson for Laudanum shells (https://sourceforge.net/projects/laudanum/) [./Web-Shells/laudanum-0.8/]
  • RSnake for fierce DNS hostname list [./Discovery/DNS/fierce-hostlist.txt]
  • Charlie Campbell for Spanish word list, numerous other contributions
  • Rob Fuller (@mubix) for the IZMY list [./Passwords/Leaked-Databases/izmy.txt]
  • Mark Burnett for the 10 million passwords list
  • Steve Crapo for doing splitting work on a number of large lists
  • Thanks to Blessen Thomas for recommending Mario's/cure53's XSS vectors
  • Thanks to Danny Chrastil for submitting an anonymous JSON fuzzing list
  • Many thanks to @geekspeed, @EricSB, @lukebeer, @patrickmollohan, @g0tmi1k, @albinowax, and @kurobeats for submitting via pull requests
  • Special thanks to @shipCod3 for MANY contributions and for a SSH user/pass list
  • Thanks to Samar Dhwoj Acharya for allowing his GitHub Dorks content to be included
  • Thanks to Liam Somerville for the excellent list of default passwords
  • Great thanks to Michael Henriksen for allowing us to include his Gitrob project's signatures
  • Honored to have @Brutelogic's brilliant XSS Cheatsheet added to the Fuzzing section [./Fuzzing/XSS*-BruteLogic.txt]
  • 0xsobky's Ultimate XSS Polyglot [./Fuzzing/Polyglots/XSS-Polyglot-Ultimate-0xsobky.txt]
  • @otih for bruteforce collected user/pass lists [./Passwords/Honeypot-Captures/multiplesources-passwords-fabian-fingerle.de.txt]
  • @govolution for BetterDefaultPassList (https://github.com/govolution/betterdefaultpasslist) [./Passwords/Default-Credentials/*-betterdefaultpasslist.txt]
  • Max Woolf (@minimaxir) for Big List of Naughty Strings (https://github.com/minimaxir/big-list-of-naughty-strings) [./Fuzzing/big-list-of-naughty-strings.txt]
  • Ian Gallagher (@craSH) for HTTP Request Headers [./Miscellaneous/http-request-headers/]
  • Arvind Doraiswamy (@arvinddoraiswamy) for numeric-fields-only [./Fuzzing/numeric_fields_only.txt]
  • @badibouzouk for Domino Hunter (https://sourceforge.net/projects/dominohunter/) [./Discovery/Web-Content/Domino-Hunter/]
  • @coldfusion39 for domi-owned (https://github.com/coldfusion39/domi-owned) [./Discovery/Web-Content/domino-*-coldfusion39.txt]
  • Ella Rose (@erose1337) for security-question-answers (https://github.com/erose1337/penetration_testing/tree/master/data) [./Miscellaneous/security-question-answers/]
  • @D35m0nd142 for LFISuite (https://github.com/D35m0nd142/LFISuite) [./Fuzzing/LFI-LFISuite-pathtotest*.txt]
  • @chrislockard for api_wordlist (https://github.com/chrislockard/api_wordlist) [./Discovery/Web-Content/api/]
  • @drwetter for adding .well-known, see RFC 8615 + IANA registry https://www.iana.org/assignments/well-known-uris/well-known-uris.xhtml [./Discovery/Web-Content/common.txt]

This project stays great because of care and love from the community, and we will never forget that. If you know of a contribution that is not listed above, please let us know...