0x01-项目起源

红队Web打点中，发现口令问题占比不小，遂创建此项目

0x02-字典来源

默认凭证

01-棱角安全团队 -> https://forum.ywhack.com/bountytips.php?password
02-ihebski师傅 -> https://github.com/ihebski/DefaultCreds-cheat-sheet

通用弱口令

01-weakpass项目 -> https://weakpass.com/
02-nordpass团队 -> https://nordpass.com/most-common-passwords-list/

01-鸭王师傅 -> https://github.com/TheKingOfDuck/fuzzDicts
02-3hadow师傅 -> https://github.com/3had0w/Fuzzing-Dicts
03-c0ny1师傅 -> 上传漏洞fuzz字典生成脚本 -> https://github.com/c0ny1/upload-fuzz-dic-builder
04-gh0stkey师傅 -> https://github.com/gh0stkey/Web-Fuzzing-Box

gh0stkey师傅文章1 -> https://gh0st.cn/archives/2019-11-11/1

05-huyuanzhi2师傅 -> https://github.com/huyuanzhi2/password_brute_dictionary
06-danielmiessler师傅 -> https://github.com/danielmiessler/SecLists
07-mstxq17师傅 -> https://github.com/mstxq17/SeCDictionary/
08-匿名师傅 -> https://pastebin.com/LMuD0LGa
09-insightglacier师傅 -> https://github.com/insightglacier/Dictionary-Of-Pentesting

转载于https://github.com/ybdt/dict-hub

温馨提示：一切未经授权的渗透测试行为均为违法行为。