Add comprehensive OWASP Top 10 directory structure with injection payloads

Co-authored-by: Stalin-143 <161853795+Stalin-143@users.noreply.github.com>

OWASP-Top-10/A05-Security-Misconfiguration/README.md

@@ -0,0 +1,15 @@
+# A05 - Security Misconfiguration
+
+## Description
+Security misconfiguration is the most commonly seen issue. This is commonly a result of insecure default configurations, incomplete or ad hoc configurations, open cloud storage, misconfigured HTTP headers, and verbose error messages containing sensitive information.
+
+## Common Vulnerabilities
+- Default credentials
+- Unnecessary features enabled
+- Missing security headers
+- Verbose error messages
+- Outdated software
+- Directory listing enabled
+
+## Testing Approach
+Check for default configurations, analyze HTTP headers, test for information disclosure, and verify security settings.

OWASP-Top-10/A05-Security-Misconfiguration/default-credentials-payloads.txt

@@ -0,0 +1,41 @@
+# Default Credentials Payloads
+
+# Common username:password combinations
+admin:admin
+admin:password
+administrator:administrator
+root:root
+root:toor
+root:password
+test:test
+guest:guest
+user:user
+demo:demo
+
+# Database default credentials
+root:
+admin:
+sa:
+postgres:postgres
+mysql:mysql
+oracle:oracle
+
+# Application defaults
+admin:admin123
+admin:Admin123
+administrator:password
+webadmin:webadmin
+sysadmin:sysadmin
+
+# IoT/Network device defaults
+admin:1234
+admin:12345
+admin:123456
+root:12345
+ubnt:ubnt
+cisco:cisco
+
+# Format variations
+username: admin / password: (blank)
+username: root / password: (blank)
+username: administrator / password: administrator

OWASP-Top-10/A05-Security-Misconfiguration/misconfiguration-paths-payloads.txt

@@ -0,0 +1,78 @@
+# Common Misconfiguration Paths
+
+# Admin panels
+/admin
+/admin/
+/administrator
+/admin/login
+/admin/dashboard
+/admincp
+/wp-admin
+/admin.php
+/admin.html
+
+# Configuration files
+/.env
+/config.php
+/configuration.php
+/config.yml
+/config.json
+/settings.py
+/web.config
+/application.properties
+/.git/config
+/.aws/credentials
+
+# Backup files
+/backup.sql
+/database.sql
+/dump.sql
+/.backup
+/old
+/backup
+/bak
+/backup.zip
+/site.tar.gz
+
+# Debug/Info pages
+/phpinfo.php
+/info.php
+/test.php
+/debug
+/trace
+/console
+/server-status
+/server-info
+
+# Directory listing
+/.git/
+/.svn/
+/.hg/
+/backup/
+/temp/
+/tmp/
+/logs/
+/log/
+
+# Error pages that expose info
+/error
+/debug
+/exception
+/trace
+
+# Cloud storage misconfigurations
+/.aws/
+/.azure/
+/s3/
+/.docker/
+/kubernetes/
+
+# API documentation
+/api-docs
+/swagger
+/swagger.json
+/swagger-ui
+/api/v1/documentation
+/docs
+/graphql
+/graphiql