security-passwords

GitHub

提供经授权的密码测试列表,包括常见、泄露及最弱密码。用于渗透测试、凭证验证、暴力破解及CTF竞赛等安全评估场景,严禁未授权访问或恶意使用。

skills/security-passwords/SKILL.md Eyadkelleh/awesome-skills-security

Trigger Scenarios

需要进行授权密码喷洒测试 执行凭证或密码策略验证 开展授权暴力破解测试 参与CTF竞赛或安全研究

Install

npx skills add Eyadkelleh/awesome-skills-security --skill security-passwords -g -y
More Options

Use without installing

npx skills use Eyadkelleh/awesome-skills-security@security-passwords

指定 Agent (Claude Code)

npx skills add Eyadkelleh/awesome-skills-security --skill security-passwords -a claude-code -g -y

安装 repo 全部 skill

npx skills add Eyadkelleh/awesome-skills-security --all -g -y

预览 repo 内 skill

npx skills add Eyadkelleh/awesome-skills-security --list

SKILL.md

Frontmatter
{
    "name": "security-passwords",
    "description": "Top password lists for authorized security testing: common passwords, darkweb leaks, worst passwords. Curated essentials (<10MB)."
}

SecLists Passwords (Curated)

Description

Top password lists for authorized security testing: common passwords, darkweb leaks, worst passwords. Curated essentials (<10MB).

Source: SecLists/Passwords Repository: https://github.com/danielmiessler/SecLists License: MIT

When to Use This Skill

Use this skill when you need:

  • Password spraying (authorized)
  • Credential testing
  • Password policy validation
  • Brute force testing (authorized)
  • Authentication testing

⚠️ IMPORTANT: Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.

Key Files in This Skill

  • 500-worst-passwords.txt - 500 worst passwords
  • 10k-most-common.txt - 10K common passwords
  • 100k-most-used-passwords-NCSC.txt - 100K passwords
  • darkweb2017_top-10000.txt - 10K from breaches
  • probable-v2_top-12000.txt - 12K probable passwords

Usage Example

# Access files from this skill
import os

# Example: Load patterns/payloads
skill_path = "references/Passwords"

# List all available files
for root, dirs, files in os.walk(skill_path):
    for file in files:
        if file.endswith('.txt'):
            filepath = os.path.join(root, file)
            print(f"Found: {filepath}")
            
            # Read file content
            with open(filepath, 'r', errors='ignore') as f:
                content = f.read().splitlines()
                print(f"  Lines: {len(content)}")

Security & Ethics

Authorized Use Cases ✅

  • Authorized penetration testing with written permission
  • Bug bounty programs (within scope)
  • CTF competitions
  • Security research in controlled environments
  • Testing your own systems
  • Educational demonstrations

Prohibited Use Cases ❌

  • Unauthorized access attempts
  • Testing without permission
  • Malicious activities
  • Privacy violations
  • Any illegal activities

Complete SecLists Collection

This is a curated subset of SecLists. For the complete collection:


Generated by Skill Seeker | SecLists Passwords Collection License: MIT - Use responsibly with proper authorization

Version History

  • ae26985 Current 2026-07-05 11:56

Same Skill Collection

skills/llm-testing/SKILL.md
skills/security-fuzzing/SKILL.md
skills/security-patterns/SKILL.md
skills/security-payloads/SKILL.md
skills/security-usernames/SKILL.md
skills/security-webshells/SKILL.md

Metadata

Files
0
Version
ae26985
Hash
dab64efb
Indexed
2026-07-05 11:56

Accueil - Wiki
Copyright © 2011-2026 iteam. Current version is 2.155.2. UTC+08:00, 2026-07-08 19:52
浙ICP备14020137号-1 $Carte des visiteurs$