분업화가 아닌 좀더 인간적인 직업의 시대가 올 것이다. 개인의 역량도 중요하지만,인간관계에 대한 통찰이 필요한/더 나은 관계를 만들 수 있는 역량이 주목 받을 것이다. 소프트웨어 교육을 어릴때부터 받아서 true&false 의 대답만 내놓는 컴퓨터화된 인간들이 넘쳐나는 세상이 문제가 된다는 가정하에. 사람은 말귀를 알아들어야한다고. 이해를 못하면 입력 자체가 에러다. 개발만 잘 한다고 해서 고객의 요구를 이해할 수 있는건 아니니까. 경험이 좋은 스승이지만, 경험에서 아무것도 건지지 못하는 사람도 많다는걸 알아야 한다. 기회는 누구에게나 오지만, 알아차리는 사람은 흔치않듯이.
SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more. https://www.owasp.org/index.php/Proje…
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repo onto a new testing box and have access to every type of list that may be needed.
Significant effort is made to give attribution for these lists whenever possible, and if you are a list owner or know who the original author/curator is, please let us know so we can give proper credit.
Attribution
Adam Muntner and for the FuzzDB content, including all authors from the FuzzDB project
Ron Bowes of SkullSecurity for collaborating and including all his lists here
Clarkson University for their research that led to the Clarkson list
All the authors listed in the XSS with context doc, which was found on pastebin and added to by us
Ferruh Mavitina for the beginnings of the LFI Fuzz list
Kevin Johnson for laudnaum shells
RSnake for fierce hostname list
Charlie Campbell for Spanish word list, numerous other contributions
Rob Fuller for the IZMY list
Mark Burnett for the 10 million passwords list
shipCod3 for an SSH user/pass list
Steve Crapo for doing splitting work on a number of large lists
Thanks to Blessen Thomas for recommending Mario's/cure53's XSS vectors
Thanks to Danny Chrastil for submitting an anonymous JSON fuzzing list
Many thanks to geekspeed, EricSB, lukebeer, patrickmollohan, g0tmi1k, albinowax, and kurobeats for submitting via pull requests
Special thanks to shipcod3 for MANY contributions!
Thanks to Samar Dhwoj Acharya for allowing his Github Dorks content to be included!
Thanks to Liam Somerville for the excellent list of default passwords
Great thanks to Michael Henriksen for allowing us to include his Gitrob project's signatures
Honored to have @Brutelogic's brilliant XSS Cheatsheet added to the Fuzzing section!
Added 0xsobky's Ultimate XSS Polyglot!
This project stays great because of care and love from the community, and we will never forget that.
