0x01-项目起源
红队Web打点中,发现口令问题占比不小,遂创建此项目
0x02-字典来源
默认凭证
01-棱角安全团队 -> https://forum.ywhack.com/bountytips.php?password
02-ihebski师傅 -> https://github.com/ihebski/DefaultCreds-cheat-sheet
通用弱口令
01-weakpass项目 -> https://weakpass.com/
02-nordpass团队 -> https://nordpass.com/most-common-passwords-list/
01-鸭王师傅 -> https://github.com/TheKingOfDuck/fuzzDicts
02-3hadow师傅 -> https://github.com/3had0w/Fuzzing-Dicts
03-c0ny1师傅 -> 上传漏洞fuzz字典生成脚本 -> https://github.com/c0ny1/upload-fuzz-dic-builder
04-gh0stkey师傅 -> https://github.com/gh0stkey/Web-Fuzzing-Box
gh0stkey师傅文章1 -> https://gh0st.cn/archives/2019-11-11/1
05-huyuanzhi2师傅 -> https://github.com/huyuanzhi2/password_brute_dictionary
06-danielmiessler师傅 -> https://github.com/danielmiessler/SecLists
07-mstxq17师傅 -> https://github.com/mstxq17/SeCDictionary/
08-匿名师傅 -> https://pastebin.com/LMuD0LGa
09-insightglacier师傅 -> https://github.com/insightglacier/Dictionary-Of-Pentesting
转载于https://github.com/ybdt/dict-hub
温馨提示:一切未经授权的渗透测试行为均为违法行为。