Which is the most detailed wordlist for directory brute force?

danielmiessler / SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project

MIT License

58.02k stars 23.86k forks source link

Which is the most detailed wordlist for directory brute force? #483

Closed FaizanNehal closed 4 years ago

FaizanNehal commented 4 years ago

I cannot find a wordlist for directory brute force. Can you suggest me which one should I use for directory brute force with ffuf or gobuster?

phreakcoder commented 4 years ago

the one in /usr/share/wordlists/gobuster/directory-list-2.3-medium.txt it works most of the time

g0tmi1k commented 4 years ago

Any here are designed what your wanting ~ https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content

The bigger, the more it may find, but longer it will take. Everything is a trade off