Directory Payload List

PayloadBox

Overview :

Our goal is to create this repo. A regular web application was to create payload lists for directory tests. Directory scans are crucial for web application testing. Possible sensitive data can be accessed with directory lists. And that’s why it’s so important. You can support this repo and add special payload lists for different web applications and support them. And everything is here ❤

Directroy Scanner Tool’s :

• Dirb
• GoBuster
• Wfuzz
• DirBuster
• Burp Suite Intruder Feature

This last release contains payload information in the list below.

• default
• drupal
• joomla
• sap
• sharepoint
• tomcat
• weblogic
• webshare
• wordpress

References :

A6-Security Misconfiguration

Directory Listing

CWE-538: File and Directory Information Exposure

CWE-548: Information Exposure Through Directory Listing

Cloning an Existing Repository ( Clone with HTTPS )

https://github.com/payloadbox/directory-payload-list.git

Cloning an Existing Repository ( Clone with SSH )

git@github.com:payloadbox/directory-payload-list.git

Source : https://github.com/payloadbox/directory-payload-list

From Infosec Writeups: A lot is coming up in the Infosec every day that it’s hard to keep up with. Join our weekly newsletter to get all the latest Infosec trends in the form of 5 articles, 4 Threads, 3 videos, 2 GitHub Repos and tools, and 1 job alert for FREE!