Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ayoubfathi/leaky-paths

A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.
https://github.com/ayoubfathi/leaky-paths

appsec axiom bugbounty dirbuster dirsearch ffuf fuzzing hacktoberfest meg nuclei penetration-testing pentest recon redteam redteaming security security-tools subfinder wayback-machine wordlist

Last synced: 22 days ago
JSON representation

A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..etc. It could be used as a part of web content discovery, to scan passively for high-quality endpoints and quick-wins.

Awesome Lists containing this project

README

        

# About
A collection of **special** paths linked to major web frameworks and infrastructure projects, known juicy APIs, misconfigurations.. etc. These could be used for web-content discovery as the fastest way to find quick wins.

## Goal
With the goal of providing the community with high-quality wordlists, I opened up this repository for contributions from anyone. This should be your go-to for quick hits on any targets, whether you're a Pentester using it for assessments, a security engineer using it as part of your external attack surface scanning, or a bug bounty hunter scanning a large number of subdomains/hosts for quick wins using high-quality wordlists. It contains:

* PATHS associated with known misconfigurations, endpoints leaking sensitive data, granting access to some special parts of the app, etc.

* Paths that typically expose API endpoints or server data. Perfect for finding more "hidden" APIs, interesting and verbose endpoints.

* The direction this wordlist is taking is shifting away from CVEs, and focusing mostly on infrastructure and web-related paths from modern tech stacks, which often yield better returns.

## Contribution
You are welcome to create a new pull request if you have a new endpoint to include or simply any unique paths that typically return juicy information.

Please keep in mind that the wordlist is intentionally kept short in order to focus only on high-quality endpoints, so it is not comprehensive enough for active scanning.

Please see [Assetnote](https://wordlists.assetnote.io/) and [SecLists](https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content) for extended and large wordlists