seclists @ blackhat arsenal 2015

10
SecLists The pentester’s companion

Upload: daniel-miessler

Post on 16-Apr-2017

2.468 views

Category:

Technology


1 download

TRANSCRIPT

Page 1: SecLists @ BlackHat Arsenal 2015

SecListsThe pentester’s companion

Page 2: SecLists @ BlackHat Arsenal 2015

Why SecLists

Page 3: SecLists @ BlackHat Arsenal 2015
Page 4: SecLists @ BlackHat Arsenal 2015
Page 5: SecLists @ BlackHat Arsenal 2015

Integrations

✓ Burp ✓ Kali ✓ Other distros ✓ Other tools

Page 6: SecLists @ BlackHat Arsenal 2015

Contribution

✓ Submit via GitHub ✓ Submit via pull request ✓ Submit lists ✓ Submit recommendations ✓ Flame

Page 7: SecLists @ BlackHat Arsenal 2015

Attribution

Page 8: SecLists @ BlackHat Arsenal 2015

✓ Kali ✓ Burp, ZAP ✓ Expanding Polyglots ✓ Expanding magic strings ✓ Expanding DOM XSS lists ✓ Dangerous functions ✓ SSRF file handlers ✓ Killer scripts ✓ NetSec lists / syntax / etc ✓ net use, nmap, tcpdump,

psexec, metasploit, sqlmap, hydra, medusa, ncrack, netstat,ncat, ,

project++

Page 9: SecLists @ BlackHat Arsenal 2015

SecListsThe pentester’s companion

Page 10: SecLists @ BlackHat Arsenal 2015

SecListsThe pentester’s companion

✓ https://github.com/danielmiessler ✓ @danielmiessler ✓ [email protected]

✓ https://github.com/jhaddix ✓ @jhaddix ✓ [email protected]

https://github.com/danielmiessler/SecLists