yichensec/yichen_Password_dictionary external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

yichensec/yichen_Password_dictionary

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/yichensec/yichen_Password_dictionary)

Close

yichensec / yichen_Password_dictionaryView on GitHubMore

• External links
• Readme badge

逸尘的字典 渗透测试个人专用的字典，搜索网上，及自己平常收集的一些路径，其中信息包括HVV中常见的各大厂商的弱密码，web常见漏洞测试，会遇到的邮箱，密码，服务弱口令，中间件，子域名，漏洞路径，账户密码，等等，这些内容都是基于本人在实战中收集到的，其中包含Github上公布的密码字典整合，堪称最经典的字典，用这个足以满足日常src，渗透测试，资产梳理，红蓝对抗等前期探测工作。

☆307Jul 16, 2023Updated 2 years ago

Alternatives and similar repositories for yichen_Password_dictionary

Users that are interested in yichen_Password_dictionary are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• yuyan-sec / RedisEXP

  View on GitHub
  Redis 漏洞利用工具
  ☆941Jan 26, 2025Updated last year
• LittleBear4 / OA-EXPTOOL

  View on GitHub
  OA综合利用工具，集合将近20款OA漏洞批量扫描
  ☆1,341Oct 28, 2023Updated 2 years ago
• savior-only / Spring_All_Reachable

  View on GitHub
  Spring漏洞综合利用工具
  ☆675Jul 5, 2023Updated 2 years ago
• White-hua / Apt_t00ls

  View on GitHub
  高危漏洞利用工具
  ☆1,835Feb 12, 2025Updated last year
• shuanx / BurpAPIFinder

  View on GitHub
  攻防演练过程中，我们通常会用浏览器访问一些资产，但很多未授权/敏感信息/越权隐匿在已访问接口过html、JS文件等，该插件能让我们发现未授权/敏感信息/越权/登陆接口等。
  ☆1,384Oct 3, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• abc123info / UserNameDictTools

  View on GitHub
  用户名密码字典生成工具(将中文汉字姓名转成14种格式的拼音、IP地址处理、网络设备密码生成)
  ☆364Aug 5, 2024Updated last year
• wgpsec / YongYouNcTool

  View on GitHub
  用友NC系列漏洞检测利用工具，支持一键检测、命令执行回显、文件落地、一键打入内存马、文件读取等
  ☆586Aug 19, 2023Updated 2 years ago
• 9bie / Slacker

  View on GitHub
  懒鬼插件/审计过的后的渗透插件/我凭本事打的SESSION凭什么还要我自己动手后渗透？
  ☆248Feb 28, 2026Updated last month
• KimJun1010 / WeblogicTool

  View on GitHub
  WeblogicTool，GUI漏洞利用工具，支持漏洞检测、命令执行、内存马注入、密码解密等（深信服深蓝实验室天威战队强力驱动）
  ☆1,786Nov 1, 2023Updated 2 years ago
• 0x727 / BypassPro

  View on GitHub
  对Auth/Waf 自动化bypass的burpsuite插件
  ☆1,126Feb 28, 2026Updated last month
• Ghr07h / Heimdallr

  View on GitHub
  一款完全被动监听的谷歌插件，用于高危指纹识别、蜜罐特征告警和拦截、机器特征对抗
  ☆1,665Jan 19, 2023Updated 3 years ago
• Schira4396 / VcenterKiller

  View on GitHub
  一款针对Vcenter的综合利用工具，包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972/31656以及log4j，提供一键上传webs…
  ☆1,473Apr 25, 2024Updated last year
• F6JO / RouteVulScan

  View on GitHub
  Burpsuite - Route Vulnerable Scanning 递归式被动检测脆弱路径的burp插件
  ☆1,316Jun 29, 2024Updated last year
• SexyBeast233 / SecDictionary

  View on GitHub
  实战沉淀字典
  ☆1,542Mar 17, 2026Updated last month
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• novysodope / ST2Scanner

  View on GitHub
  Struts2漏洞扫描 Burp插件
  ☆131Mar 21, 2023Updated 3 years ago
• lemonlove7 / dirsearch_bypass403

  View on GitHub
  目录扫描+JS文件中提取URL和子域+403状态绕过+指纹识别
  ☆874Sep 30, 2025Updated 6 months ago
• Bl0omZ / JNDIEXP

  View on GitHub
  JNDI在java高版本的利用工具,FUZZ利用链
  ☆601Oct 8, 2022Updated 3 years ago
• li8u99 / yonyou_exp_plus

  View on GitHub
  用友系列全漏洞检测工具
  ☆195Jul 5, 2023Updated 2 years ago
• Tsojan / TsojanScan

  View on GitHub
  An integrated BurpSuite vulnerability detection plug-in.
  ☆1,480Jan 29, 2026Updated 2 months ago
• whwlsfb / JDumpSpider

  View on GitHub
  HeapDump敏感信息提取工具
  ☆1,651Dec 15, 2025Updated 4 months ago
• x364e3ab6 / DudeSuite

  View on GitHub
  DudeSuite Web Security Tools
  ☆1,307Jan 26, 2026Updated 2 months ago
• R4gd0ll / I-Wanna-Get-All

  View on GitHub
  综合漏洞后渗透利用工具
  ☆1,709Dec 11, 2025Updated 4 months ago
• xz-zone / Webpackfind

  View on GitHub
  Webpack自动化信息收集
  ☆314Feb 20, 2023Updated 3 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• shmilylty / SharpHostInfo

  View on GitHub
  SharpHostInfo是一款快速探测内网主机信息工具（深信服深蓝实验室天威战队强力驱动）
  ☆627Dec 15, 2022Updated 3 years ago
• z2p / sweetPotato

  View on GitHub
  基于burpsuite的资产分析工具
  ☆476Apr 29, 2023Updated 2 years ago
• ttstormxx / jjjjjjjjjjjjjs

  View on GitHub
  爬网站JS文件，自动fuzz api接口，指定api接口（针对前后端分离项目，可指定后端接口地址），回显api响应
  ☆755Jul 20, 2023Updated 2 years ago
• bmth666 / Yongyou-Unserialize-plus

  View on GitHub
  用友的一些反序列化链子以及1day，二开了狼组的YongYouNcTool，改了一下逻辑以及poc
  ☆126Oct 12, 2024Updated last year
• abc123info / Struts2VulsScanTools

  View on GitHub
  1、点击“检测漏洞”，会自动检测该URL是否存在S2-001、S2-005、S2-009、S2-013、S2-016、S2-019、S2-020/021、S2-032、S2-037、DevMode、S2-045/046、S2-052、S2-048、S2-053、S2-057…
  ☆956Nov 3, 2025Updated 5 months ago
• dark-kingA / superSearchPlus

  View on GitHub
  superSearchPlus是聚合型信息收集插件，支持综合查询，资产测绘查询，信息收集 敏感信息提取 js资源扫描 目录扫描 vue组件扫描 整合了目前常见的资产测绘平台 专为白帽子提供快速侦测目标。
  ☆1,438Dec 16, 2024Updated last year
• Lotus6 / AutoRepeater

  View on GitHub
  Burp插件，自动化挖掘SSRF，Redirect，Sqli漏洞，自定义匹配参数
  ☆469Sep 10, 2023Updated 2 years ago
• shadowabi / S-BlastingDictionary

  View on GitHub
  自己搜集的爆破字典，包括常用用户名、密码弱口令、SQL万能密码等
  ☆642Jun 9, 2024Updated last year
• MD-SEC / MDPOCS

  View on GitHub
  猫蛋儿安全团队编写的poc能报就能打。企业微信、海康、Metabase、Openfire、泛微OA......
  ☆588Apr 9, 2024Updated 2 years ago
• Virtual machines for every use case on DigitalOcean • Ad
  Get dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
• smallfox233 / JsonExp

  View on GitHub
  fastjson漏洞批量检测工具
  ☆362Jul 12, 2024Updated last year
• Awrrays / FrameVul

  View on GitHub
  POC集合，框架nday漏洞利用
  ☆450Feb 18, 2025Updated last year
• dark-kingA / cloudTools

  View on GitHub
  云资产管理工具 目前工具定位是云安全相关工具，目前是两个模块 云存储工具、云服务工具， 云存储工具主要是针对oss存储、查看、删除、上传、下载、预览等等 云服务工具主要是针对rds、服务器的管理，查看、执行命令、接管等等
  ☆1,149Feb 26, 2026Updated last month
• G3et / Search_Viewer

  View on GitHub
  集Fofa、Hunter鹰图、Shodan、360 quake、Zoomeye 钟馗之眼、censys 为一体的空间测绘gui图形界面化工具，支持一键采集爬取和导出fofa、shodan等数据，方便快捷查看
  ☆790Feb 6, 2025Updated last year
• cseroad / Exp-Tools

  View on GitHub
  一款集成高危漏洞exp的实用性工具
  ☆1,304Nov 6, 2024Updated last year
• snnxyss / In-Swor

  View on GitHub
  永久免杀加载器移步另一个项目https://github.com/snnxyss/new_in_swor 一个简单内网渗透工具免杀 目前免杀fscan,mimikatz,frp,elevationstation,bypassuac, 一键killAV 。请使用In-Swor…
  ☆389Dec 21, 2023Updated 2 years ago
• P001water / P1finger

  View on GitHub
  P1finger - 红队行动下的重点资产指纹识别工具，解决信息收集过程中的一小步
  ☆440Aug 5, 2025Updated 8 months ago