A collection of all the data i could extract from 1 billion leaked credentials from internet.

Bruteforce database

Security testing toolkit for AI Agent: curated SecLists wordlists, injection payloads, and expert agents for authorized pentesting, CTFs, and bug bounties

Aggregated wordlist pulled from commonly used tools for discovery, enumeration, fuzzing, and exploitation.

My useful files for penetration tests, security assessments, bug bounty and other security related stuff

Scripts, files, cheatsheets and more used for pentesting and my OSWE / AWAE exam.

To be used with tools like GoBuster & DirBuster but these lists are specifically tailored and designed for scanning phishing <>< landing pages and other malicious or sketch af financial/crypto fraud websites.

Every Hacker's Go to Fuzzing List. Introducing the Ultimate Fuzzing Directory: Your Go-To Resource for Penetration Testers and Bug Bounty Hunters! Unlock the power of comprehensive fuzzing with our meticulously curated Fuzzing Directory, a one-stop solution designed to streamline your penetration testing and bug bounty hunting endeavors.

Analysis of Swedish password usage

Sec-Payloads, It's a collection of multiple types of lists used during security assessments & used for bug bounty hunting or penetration testing, collected in one place. List types include xss, sqli, sensitive data patterns, fuzzing payloads, web shells, and many more.

🔍 Curate security testing wordlists and payloads for 2025, emphasizing quality, de-duplication, and multilingual support for effective penetration testing.

International Password lists, rainbowtables, fuzz lists, usernames etc..

The most comprehensive repository on GitHub, collection of wordlists for penetration testing, brute-force, and dictionary attacks, curated and organized by Ebrahim Shafiei (EbraSha) for security researchers.

🛡️ VirusTotal for the terminal

Aggregated security-testing wordlists (SecLists-derived): discovery, fuzzing, passwords, usernames, payloads, IOCs.

SecLists-2025: modern, FR-focused security wordlists & payloads with CI packs, API, and sandbox

Automated attack surface mapper & CVE evaluator. Packed with multi-tier SecLists directory fuzzing, forgotten staging asset identification, and prioritized defensive hardening blueprints for Nginx, Apache, and Laravel.

🥬 Leek is a CLI and .NET toolset for detecting breached or weak secrets such as passwords

FuzzAI is an AI-driven directory fuzzing tool that intelligently selects or generates optimized wordlists, understands folder structures, and performs fast multi-threaded scans. Built with smart filtering, automation, and SecLists integration, it streamlines security reconnaissance with precision and speed.

Fuzzing or fuzz testing is an automated software used to test error handling of a software by providing an invalid,unexpected or random inputs.