2025.1

🎉 The first release of 2025! 🎉
Lead Contributor: @ItsIgnacioPortal

Highlights

This release adds new documentation for many wordlists. Duplicate and obsolete wordlists have been removed, and the following new wordlist has been incorporated into the project:

• 🌟 2024-200_most_used_passwords.txt

The Discovery/Web-Content/trickest-robots-disallowed-wordlists/top-10000.txt wordlist has been fixed, which caused problems when cloning the project on Windows. (#397)

The .fuzz suffix has been removed from many more wordlists, improving clarity in the wordlist filenames.

A great number of wordlists have been properly categorized, improving the overall usability of Seclists.

Full Changelog

🌟 New content

• 🌟 feat(wordlist): Add filepaths for testing Single-page applications. (#1159)
• 🌟 feat(wordlist): Add IIS default page and image files. (#1158)
• 🌟 feat(wordlist): Added '2024-200_most_used_passwords.txt' wordlist
• 🌟 feat(wordlist): Added 'daloradius' to common.txt
• 🌟 feat(wordlist): Added 'Web-Server' prefix to wordlist filenames
• 🌟 feat(wordlist): Added missing words in API 'actions' wordlists
• 🌟 feat(wordlist): Added more endpoints to common.txt
• 🌟 feat(wordlist): Added more LLM data-leakage payloads
• 🌟 feat(wordlist): Added more subdomains to 'combined_subdomains.txt'
• 🌟 feat(wordlist): Added protobuf mimetypes
• 🌟 feat(wordlist): Expanded the List-Of-Swear-Words "fr-CA-u-sd-caqc.txt" wordlist
• 🌟 feat(wordlist): Greatly improved "Amounts" wordlists
• 🌟 feat(wordlist): Update spring-boot.txt to v2.1.7

🛠 Fixes & Improvements

• 🛠 feat(docs): Improved formatting of the PR template.
• 🛠 feat(docs): Replace repository details with badges for better visibility.
• 🛠 fix(cicd): Fixed line-ending normalization on "remote-wordlists-updater.yml"
• 🛠 fix(wordlist): Fixed bad formatting in raft-* wordlists
• 🛠 chore(docs): Removed '.fuzz' from multiple wordlist filenames

📖 Documentation

• 📖 feat(docs): Added documentation for 'AdobeCQ-AEM.txt' wordlist
• 📖 feat(docs): Added documentation for 'AdobeXML.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'Apache-Axis.txt' wordlist
• 📖 feat(docs): Added documentation for 'Apache.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'ApacheTomcat.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'CGI-HTTP-POST-Windows.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'CGI-HTTP-POST.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'CGI-Microsoft.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'Frontpage.fuzz.txt' wordlist
• 📖 feat(docs): Added documentation for 'fully-qualified-java-classes.txt' wordlist
• 📖 feat(docs): Added documentation for 'IIS-POST.txt'
• 📖 feat(docs): Added documentation for 'iis-systemweb.txt' wordlist
• 📖 feat(docs): Added documentation for 'iplanet.txt' wordlist
• 📖 feat(docs): Added documentation for 'JBoss.txt' wordlist
• 📖 feat(docs): Added documentation for 'Keycloak-Identity-Access-Management.txt'
• 📖 feat(docs): Added documentation for 'Microsoft-Forefront-Identity-Manager.txt' wordlist
• 📖 feat(docs): Added documentation for 'Oracle-EBS-wordlist.txt' wordlist
• 📖 feat(docs): Added documentation for 'Oracle-WebLogic.txt'
• 📖 feat(docs): Added documentation for 'raft-*' wordlists
• 📖 feat(docs): Added documentation for 'reverse-proxy-inconsistencies.txt'
• 📖 feat(docs): Added documentation for 'Web-Server-Glassfish-Sun-Microsystems.txt' wordlist
• 📖 feat(docs): Added documentation for the 'graphql.txt' wordlist
• 📖 feat(docs): Added note about outdated contents for the 'AdobeCQ-AEM.txt' wordlist

🪦 Removed content

• 🪦 chore(wordlist): Removed 'KitchensinkDirectories.fuzz.txt' wordlist
• 🪦 chore(wordlist): Removed 'Randomfiles.fuzz.txt' wordlist
• 🪦 chore(wordlist): Removed 'tests.txt' wordlist
• 🪦 chore(wordlist): Removed 'Vignette.fuzz.txt' wordlist
• 🪦 chore(wordlist): Removed BiblePass project
• 🪦 chore(wordlist): Removed duplicate wordlist '500-worst-passwords.txt'
• 🪦 chore(wordlist): Removed duplicate wordlist 'without_spaces.txt'
• 🪦 chore(wordlist): Removed obsolete 'dirsearch.txt' wordlist
• 🪦 chore(wordlist): Removed obsolete 'IBM Lotus iNotes' wordlist
• 🪦 chore(wordlist): Removed obsolete hyperion wordlists
• 🪦 chore(wordlist): Removed obsolete IOCs wordlists
• 🪦 fix(wordlist): Removed 'FatwireCMS.fuzz.txt' wordlist
• 🪦 fix(wordlist): Removed 'fnf-fuzz.txt' wordlist
• 🪦 fix(wordlist): Removed duplicate wordlist 'iplanet.txt'
• 🪦 fix(wordlist): Removed duplicate wordlist 'jrun.txt'
• 🪦 fix(wordlist): Removed duplicate wordlist 'sunas.txt'

🌐 Other changes

• 🌐 chore(wordlist): Moved CGI wordlists into the 'LEGACY-SERVICES/CGIs' directory
• 🌐 feat(docs): Moved programming-language-specific wordlists into their own directory
• 🌐 feat(docs): Moved Web-Server wordlists into their own directory
• 🌐 feat(docs): Removed mis-categorized 'Web-Services' folder
• 🌐 feat(docs): Renamed 'axis.txt' to 'Apache-Axis.txt'
• 🌐 feat(docs): Renamed 'SVNDigger' folder to a more descriptive folder name
• 🌐 fix(cicd): Added automatic clean-up to wordlist updater
• 🌐 fix(cicd): Fixed crash on "remote-wordlists-updater.yml"
• 🌐 fix(docs): Added "Ignacio Portal" to the project credits.
• 🌐 fix(docs): Moved 'AdobeCQ-AEM.txt' into the CMS directory
• 🌐 fix(docs): Moved 'aem2.txt' into the CMS directory
• 🌐 fix(docs): Moved 'axis.txt' into the Web-Servers directory
• 🌐 fix(docs): Moved 'Confluence-Administration.txt' into the Service-Specific directory
• 🌐 fix(docs): Moved 'forefront-identity-management.txt' into the Service-Specific directory
• 🌐 fix(docs): Moved 'jboss.txt' into the Web-Servers directory
• 🌐 fix(docs): Moved 'Jenkins-Hudson.txt' into the Service-Specific directory
• 🌐 fix(docs): Moved 'nginx.txt' into the Web-Servers directory
• 🌐 fix(docs): Moved 'Oracle-EBS-wordlist.txt' into the CMS directory
• 🌐 fix(docs): Moved 'sharepoint-ennumeration.txt' into the CMS directory
• 🌐 fix(docs): Moved 'spring-boot.txt' into the Programming-Language-Specific directory
• 🌐 fix(docs): Moved 'swagger.txt' into the Service-Specific directory
• 🌐 fix(wordlist): Merged duplicate 'Apache Tomcat' wordlists
• 🌐 fix(wordlist): Merged duplicate Apache wordlists
• 🌐 fix(wordlist): Merged duplicate Microsoft Frontpage wordlists
• 🌐 fix(wordlist): Merged duplicate Oracle EBS wordlists
• 🌐 fix(wordlist): Merged duplicate Sharepoint wordlists
• 🌐 fix(wordlist): Moved 'HTTP-POST-Microsoft.fuzz.txt' into 'Web-Servers\IIS-POST.txt'
• 🌐 fix(wordlist): Moved 'pulsesecure.txt' into 'Service-Specific\PulseSecure-VPN.txt'
• 🌐 fix(wordlist): Moved 'websphere.txt' into 'Service-Specific\IBM-WebSphere-Application-Server.txt'
• 🌐 fix(wordlist): Moved *200_most_used_passwords to Common-Credentials directory
• 🌐 fix(wordlist): Removed duplicates from '2024-200_most_used_passwords.txt' wordlist
• 🌐 fix(wordlist): Removed redundant linejumps from CommonAdminBase64.txt
• 🌐 fix(wordlist): Renamed '2024-200_most_used_passwords.txt' to '2024-197_most_used_passwords.txt'
• 🌐 fix(wordlist): Renamed 'hpsmh.txt' to 'HP-System-Management-Homepage.txt'
• 🌐 fix(wordlist): Renamed 'proxy-conf.fuzz.txt' to 'Proxy-Auto-Configuration-Files.txt'
• 🌐 fix(wordlist): Renamed 'sap.txt' to 'SAP-NetWeaver.txt'
• 🌐 fix(wordlist): Renamed wordlist 'Frontpage.fuzz.txt' to 'Microsoft-Frontpage.txt'
• 🌐 fix(wordlist): Renamed wordlist 'IIS.fuzz.txt' to 'IIS.txt'
• 🌐 fix(wordlist): Renamed wordlist 'Sharepoint.fuzz.txt' to 'Sharepoint.txt'
• 🌐 fix(wordlist): Renamed wordlist 'SunAppServerGlassfish.fuzz.txt' to 'Web-Server-Glassfish-Sun-Microsystems.txt'
• 🌐 fix(wordlist): Revert "Update metadata.txt"
• 🌐 fix(wordlist): Transformed "local-ports.txt" into "Ports-1-To-65535.txt"

Shout-out to: @curiv, @emmanuelgautier, @goosvorbook, @guillermodotn, @eltociear, @ivan-sincek, @jorelpaddick, @jthack, @NihaoKangkang, @mtremr, @napz99, @ola456, @onurkarasalihoglu, @cosad3s, and @V0idSeek3r

🥇 Thank you everyone <3

2024.4

Fourth (and final) release of 2024!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @Dec0y-jb, @BRAVO68WEB, @ItsIgnacioPortal, @newyork167, @domai-tb, @YouFoundAlpha, @ctflearner, @righettod, @pwnter, @josemlwdf, @StepSisStuck and @napz99

2024.3

Third release of 2024!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @ItsIgnacioPortal , @righettod , @PhHitachi, @freyxfi , @nu11pointer , @7h30th3r0n3 , @molangning & @johnjhacking

2024.2

Second release of 2024!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @molangning, @ashtonhogan, @Sevada797, @emmanuel-londono, @exploide, @emmanuelgautier, @riramar, @ItsIgnacioPortal, @0xjv, @YouFoundAlpha, @danielmiessler, @righettod, @adeadfed, @spaze, @CodeVIP123 & @BrandonW6000

2024.1

First release of 2024!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @cosad3s, @molangning, @barisbogdan, @righettod, @davidmcduffie001, @legik, @StellarSand, @zerbaliy3v, @jhaddix, @emmanuel-londono, @Ghoreish , @denandz and @ErdemOzgen.

2023.4

Fourth (and final) release of 2023!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @sonatagreen, @DeveloperOl, @adilnbabras, @nekonugget, @stefanman125, @souravvvv123, @CountablyInfinite, @ThomasBucaioni, @DmytroKashchuk, @righettod, @ItsIgnacioPortal, @cosad3s, @olizimmermann, @zyairelai and @molangning

2023.3

Third release of 2023!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @dylleb, @righettod, @tomtastic, @NicolasCARPi, @Xhoenix, @denandz & @cosad3s

2023.2

Second release of 2023!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

Shout-out to: @ItsIgnacioPortal, @ClutchReboot , @ivan-sincek, @strayfade & @righettod

2023.1

First release of 2023!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

A shoutout to @ItsIgnacioPortal & @n0kovo

2022.4

Fourth (and final) release of 2022!
🎉 This release includes multiple updates from the community =)
🥇 Thank you everyone <3

A big shoutout goes out to @ItsIgnacioPortal for all their work (again!)
And a thanks to @righettod for their pull requests