Directory Fuzzing - TheGetch/Penetration-Testing-Methodology GitHub Wiki

When fuzzing for directories, follow these wordlists:

  1. dirsearch.txt *
  2. directory-list-2.3-medium.txt *
  3. httparchive_directories **
  4. Raft *
  5. RobotsDisallowed *

Then go for technology-specific.

Sources:

  1. * https://github.com/danielmiessler/SecLists/tree/master/Discovery/Web-Content
  2. ** https://wordlists.assetnote.io/

You can also try big.txt, content_discovery_all.txt by @Jhaddix, fuzz.txt by @i_bo0om.

⚠️ **GitHub.com Fallback** ⚠️