Directory Payload List

Overview :

Our goal is to create this repo. A regular web application was to create payload lists for directory tests. Directory scans are crucial for web application testing. Possible sensitive data can be accessed with directory lists. And that's why it's so important. You can support this repo and add special payload lists for different web applications and support them. And everything is here ❤

Directroy Scanner Tool's :

• Dirb
• GoBuster
• Wfuzz
• DirBuster
• Burp Suite Intruder Feature

This last release contains payload information in the list below.

• default
• drupal
• joomla
• sap
• sharepoint
• tomcat
• weblogic
• webshare
• wordpress

References :

👉 A6-Security Misconfiguration

👉 Directory Listing

👉 CWE-538: File and Directory Information Exposure

👉 CWE-548: Information Exposure Through Directory Listing

Cloning an Existing Repository ( Clone with HTTPS )

https://github.com/payloadbox/directory-payload-list.git

Cloning an Existing Repository ( Clone with SSH )

git@github.com:payloadbox/directory-payload-list.git