OWASP Seclists

Thank you for visiting OWASP.org. We recently migrated our community to a new web platform and regretably the content for this page needed to be programmatically ported from its previous wiki page. There’s still some work to be done. The historical content can be found here.

Please visit our Page Migration Guide for more information about updating pages for the new website as well as examples of github markdown.

OWASP SecLists

![OWASP_Project_Header.jpg](OWASP_Project_Header.jpg "OWASP_Project_Header.jpg")


SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

SecLists GitHub Repository


This project is licensed under the MIT license.

Quick Download

Download SecLists

Change Log

Code Repo

Email List/Feedback/Log issues

Questions? Problem? Please ask on the GitHub Issue page

Feature Requests/Development

Project Leaders

Daniel Miessler (@DanielMiessler) and Jason Haddix (@Jhaddix)

Project About


Category:OWASP Project Category:OWASP_Builders Category:OWASP_Breakers Category:OWASP_Document


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.