工具
Metasploit Framework
Nmap
SQLMap
Dirb
Gobuster
Netcat
反弹shell
Hydra
wfuzz
wpscan
searchsploit
字典
arp-scan
hashcat
Netdiscover
Cobalt Strike
Goby
Nessus
Xray
Nuclei
-
+
首页
字典
## kali /usr/share/wordlists/ - 主要字典存放目录 ```bash ┌──(kali㉿kali)-[/usr/share/wordlists] └─$ ls -ailh total 134M 1368351 drwxr-xr-x 3 root root 4.0K Oct 8 12:09 . 1177346 drwxr-xr-x 359 root root 12K Oct 3 04:22 .. 1308181 lrwxrwxrwx 1 root root 25 Oct 3 04:22 dirb -> /usr/share/dirb/wordlists 1308180 lrwxrwxrwx 1 root root 30 Oct 3 04:22 dirbuster -> /usr/share/dirbuster/wordlists 1308182 lrwxrwxrwx 1 root root 35 Oct 3 04:22 dnsmap.txt -> /usr/share/dnsmap/wordlist_TLAs.txt 1308188 lrwxrwxrwx 1 root root 41 Oct 3 04:22 fasttrack.txt -> /usr/share/set/src/fasttrack/wordlist.txt 1308183 lrwxrwxrwx 1 root root 45 Oct 3 04:22 fern-wifi -> /usr/share/fern-wifi-cracker/extras/wordlists 1308184 lrwxrwxrwx 1 root root 28 Oct 3 04:22 john.lst -> /usr/share/john/password.lst 1308185 lrwxrwxrwx 1 root root 27 Oct 3 04:22 legion -> /usr/share/legion/wordlists 1308186 lrwxrwxrwx 1 root root 46 Oct 3 04:22 metasploit -> /usr/share/metasploit-framework/data/wordlists 1308187 lrwxrwxrwx 1 root root 41 Oct 3 04:22 nmap.lst -> /usr/share/nmap/nselib/data/passwords.lst 1367338 -rw-r--r-- 1 root root 134M May 12 2023 rockyou.txt 1440390 drwxr-xr-x 3 root root 4.0K Oct 3 05:15 seclists 1308190 lrwxrwxrwx 1 root root 39 Oct 3 04:22 sqlmap.txt -> /usr/share/sqlmap/data/txt/wordlist.txt 1308189 lrwxrwxrwx 1 root root 25 Oct 3 04:22 wfuzz -> /usr/share/wfuzz/wordlist 1308179 lrwxrwxrwx 1 root root 37 Oct 3 04:22 wifite.txt -> /usr/share/dict/wordlist-probable.txt ``` > 密码字典 | 字典路径 | 说明 | | -------------------------------------------------- | -------------------------------- | | /usr/share/wordlists/rockyou.txt | 最著名的密码字典,包含千万级密码 | | /usr/share/wordlists/fasttrack.txt | FastTrack 项目密码字典 | | /usr/share/wordlists/metasploit/unix_passwords.txt | Metasploit Unix 密码字典 | | /usr/share/wordlists/metasploit/common_roots.txt | 常见基础密码 | | /usr/share/wordlists/nmap.lst | Nmap 密码字典 | > 用户名字典 | 字典路径 | 说明 | | ------------------------------------------------------------ | -------------------------- | | /usr/share/wordlists/metasploit/default_users.txt | Metasploit 默认用户名字典 | | /usr/share/wordlists/metasploit/default_unix_users.txt | Metasploit Unix 用户名字典 | | /usr/share/wordlists/seclists/Usernames/top_shortlist.txt | 常用用户名短列表 | | /usr/share/wordlists/seclists/Usernames/xato-net-10-million-usernames.txt | 千万级用户名字典 | > 子域名字典 | 字典路径 | 说明 | | ------------------------------------------------------------ | ----------------- | | /usr/share/wordlists/dnsmap.txt | DNSMap 子域名字典 | | /usr/share/wordlists/seclists/Discovery/DNS/subdomains-top1million-5000.txt | Top 5000 子域名 | | /usr/share/wordlists/seclists/Discovery/DNS/namelist.txt | 子域名名称列表 | > 参数和漏洞字典 | 字典路径 | 说明 | | ------------------------------------------------------------ | --------------- | | /usr/share/wordlists/seclists/Discovery/Web-Content/burp-parameter-names.txt | Burp 参数名字典 | | /usr/share/wordlists/seclists/Discovery/Web-Content/common.txt | 常见Web内容 | | /usr/share/wordlists/seclists/Fuzzing/SQLi/Generic-SQLi.txt | SQL注入载荷 | | /usr/share/wordlists/seclists/Fuzzing/XSS/xss-rsnake.txt | XSS 载荷字典 | > 特定服务字典 | 字典路径 | 说明 | | ------------------------------------------------ | ------------------------ | | /usr/share/wordlists/metasploit/namelist.txt | 服务枚举名称列表 | | /usr/share/wordlists/metasploit/jtr/password.lst | John the Ripper 密码字典 | | /usr/share/wordlists/nmap.lst | Nmap 服务扫描字典 | ## seclists字典 Seclists字典是一个致力于收集各种安全字典的开源项目。 由安全研究员 Daniel Miessler 发起并维护,旨在为渗透测试、安全评估、漏洞挖掘等场景提供高质量的测试数据(如密码、路径、Payload 等)。 Github仓库地址:https://github.com/danielmiessler/SecLists ```bash ┌──(kali㉿kali)-[/usr/share/wordlists/seclists/SecLists-master] └─$ ls -ailh total 156K 1440399 drwxr-xr-x 13 root root 4.0K Oct 2 10:06 . 1440390 drwxr-xr-x 3 root root 4.0K Oct 3 05:15 .. 1448923 drwxr-xr-x 3 root root 4.0K Oct 2 10:06 Ai 1448860 drwxr-xr-x 5 root root 4.0K Oct 2 10:06 .bin 1448940 -rw-r--r-- 1 root root 6.3K Oct 2 10:06 CONTRIBUTING.md 1448941 -rw-r--r-- 1 root root 45K Oct 2 10:06 CONTRIBUTORS.md 1448942 drwxr-xr-x 9 root root 4.0K Oct 2 10:06 Discovery 1449449 drwxr-xr-x 9 root root 4.0K Oct 2 10:06 Fuzzing 1448906 -rw-r--r-- 1 root root 47 Oct 2 10:06 .gitattributes 1448907 drwxr-xr-x 4 root root 4.0K Oct 2 10:06 .github 1448922 -rw-r--r-- 1 root root 51 Oct 2 10:06 .gitignore 1454860 -rw-r--r-- 1 root root 1.1K Oct 2 10:06 LICENSE 1454861 drwxr-xr-x 8 root root 4.0K Oct 2 10:06 Miscellaneous 1455154 drwxr-xr-x 15 root root 4.0K Oct 2 10:06 Passwords 1455982 drwxr-xr-x 3 root root 4.0K Oct 2 10:06 Pattern-Matching 1456000 drwxr-xr-x 8 root root 4.0K Oct 2 10:06 Payloads 1456056 -rw-r--r-- 1 root root 4.3K Oct 2 10:06 README.md 1456058 -rw-r--r-- 1 root root 25K Oct 2 10:06 SecLists.png 1456059 drwxr-xr-x 4 root root 4.0K Oct 2 10:06 Usernames 1456078 drwxr-xr-x 10 root root 4.0K Oct 2 10:06 Web-Shells ```
毛林
2025年10月9日 00:39
转发文档
收藏文档
上一篇
下一篇
手机扫码
复制链接
手机扫一扫转发分享
复制链接
Markdown文件
PDF文档(打印)
分享
链接
类型
密码
更新密码