Our goal is to create this repo. A regular web application was to create payload lists for directory tests. Directory scans are crucial for web application testing. Possible sensitive data can be accessed with directory lists. And that's why it's so important. You can support this repo and add special payload lists for different web applications and support them. And everything is here ❤
This last release contains payload information in the list below.
- default
- drupal
- joomla
- sap
- sharepoint
- tomcat
- weblogic
- webshare
- wordpress
👉 A6-Security Misconfiguration
👉 CWE-538: File and Directory Information Exposure
👉 CWE-548: Information Exposure Through Directory Listing
https://github.com/payloadbox/directory-payload-list.git
git@github.com:payloadbox/directory-payload-list.git