bugbounty-wordlist

Real world bug bounty wordlists

Go to file

buggysolid 32676f15bf Some words from PortSwigger access control labs.		2022-06-24 08:10:33 +01:00
LICENSE	Initial commit	2022-06-07 02:04:41 +01:00
README.md	README.md	2022-06-07 02:31:29 +01:00
breakpoints.txt	Chrome Dev Tools Console commands.	2022-06-22 07:42:25 +01:00
burp-plugins.txt	New keywords and new file.	2022-06-16 06:33:38 +01:00
dns.txt	More authentication related words.	2022-06-17 10:22:38 +01:00
http.txt	Some words from PortSwigger access control labs.	2022-06-24 08:10:33 +01:00
javascript.txt	Add some DOM related sinks.	2022-06-20 19:07:16 +01:00
jwt.secrets.list	Add wordlist for JWT secret key cracking.	2022-06-15 21:10:26 +01:00
ports.txt	Add multiple different dns, port and http keywords	2022-06-08 22:34:57 +01:00
resolvers.txt	Public highly caching DNS resolvers to query against.	2022-06-14 17:54:52 +01:00

README.md

What

Wordlists I use for recon and content discovery on programs from hackerone and bugcrowd. These are only things I have actually encountered in production or in documentation of popular tooling. There is no point in having a huge wordlist but only ever getting 2 hits.