# 字典文件

## 凭据

* [Default Credentials Cheat Sheet](https://github.com/ihebski/DefaultCreds-cheat-sheet) - 所有默认凭据的汇总，协助蓝队/红队成员查找使用默认密码的设备。
* [PWDB - 新一代密码大规模分析工具](https://github.com/ignis-sec/Pwdb-Public) - 从互联网10亿凭据泄露中提取的所有数据集合。

## 通用

* [WordList Compendium](https://github.com/Dormidera/WordList-Compendium) - 个人编写的各类字典集合：用户名、密码、目录、文件、漏洞、模糊测试、注入、工具字典等。
* [SecLists](https://github.com/danielmiessler/SecLists) - 安全评估过程中使用的多种类型列表集合。

## Web内容

* [Assetnote Wordlists](https://wordlists.assetnote.io/) - 用于内容和子域名发现的高质量字典。
  * [swagger-wordlist.txt](https://wordlists-cdn.assetnote.io/data/kiterunner/swagger-wordlist.txt) - 从多个数据源收集的swagger文件，包括对40多个最常见swagger路径的互联网范围扫描。
* [fuzz.txt](https://github.com/Bo0oM/fuzz.txt) - 潜在危险文件。
* [leaky-paths](https://github.com/ayoubfathi/leaky-paths) - 与主要Web CVE、已知错误配置、重要API等相关联的特殊路径集合。


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://gitbook.cdxiaodong.life/an-quan-zi-yuan/lie-biao/wordlists.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.