Table of Contents
Password Topics
Dictionary attack software
Passwords: Password topics, Passwordless, Password manager - Password management, Authentication, Personal identification number (PIN), Single signon, MFA-2FA, Microsoft Hello, Apple Face ID, Facial recognition, Biometric authentication, Iris recognition, Mainframe passwords (IBM RACF, Retinal scan, Eye vein verification, Recognition, Fingerprint recognition, Password cracking, Password hashing, Popular passwords, Strong passwords, Rainbow table, Secrets - Secrets management (HashiCorp Vault, Azure Vault, AWS Vault, GCP Vault)). (navbar_passwords)
https://github.com/topics/password
Here are 3,167 public repositories matching this topic…
C++
electron javascript security password-manager keeweb password keepass
JavaScript
berzerk0 / Probable-Wordlists - Version 2 is live! Wordlists sorted by probability originally created for password generation and password testing - make sure your passwords aren't popular!
dictionary password wordlist password-strength password-safety dictionary-attack
macos objective-c password-manager password keepass kdbx macpass autotype
Objective-C
openwall / john - Open Have some *2john programs explain that it's normal to have large output
Our users are often confused by the output from programs such as zip2john sometimes being very large (multi-gigabyte). Maybe we should identify and enhance these programs to output a message to stderr to explain to users that it's normal for the output to be very large - maybe always or maybe only when the output size is above a threshold (e.g., 1 million bytes?)
supertokens / supertokens-core - Open (Intermediate) Docker image's error log not in stderr
The repo containing the Dockerfile and the entrypoint is here.
privacy password-manager password self-hosted anonymous passwords lesspass
JavaScript
directory password fuzzing fuzz-testing pentesting username fuzzer wfuzz paramter
Python
database apt exploit scanner hacking password poc brute-force pentest bypass crack privilege-escalation 0day getshell netscan rar-mysql
Updated 21 days ago
PowerShell
k8gege / Ladon - 大型内网渗透扫描器&Cobalt Strike,Ladon9.1.4内置150个模块,包含信息收集/存活主机/端口扫描/服务识别/密码爆破/漏洞检测/漏洞利用。漏洞检测含MS17010/SMBGhost/Weblogic/ActiveMQ/Tomcat/Struts2,密码口令爆破(Mysql/Oracle/MSSQL)/FTP/SSH(Linux)/VNC/Windows(IPC/WMI/SMB/Netbios/LDAP/SmbHash/WmiHash/Winrm),远程执行命令(smbexec/wmiexe/psexec/atexec/sshexec/webshell),降权提权Runas、GetSystem,Poc/Exploit,支持Cobalt Strike 3.X-4.0
security tools hack exploit scanner hacking password poc brute-force pentest portscan security-scanner exp security-tools ladon ipscanner getshell netscan
Updated 15 days ago
C#
password wordlist password-strength weak-passwords dictionary-attack wordlist-generator
Python
jaredhanson / passport-local - Username and password authentication strategy for Passport and Node.js.
password passport
JavaScript
ignis-sec / Pwdb-Public - A collection of all the data i could extract from 1 billion leaked credentials from internet.
password infosec seclists rockyou
- khast3x / h8mail - Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
osint email hacking password recon leak hibp haveibeenpwned breach kali theharvester breach-compilation
Python
javascript html cli encryption password static-html
JavaScript
- panique / huge - Simple user-authentication solution, embedded into a small framework.
php framework authentication password auth authorization password-hash user-auth
PHP
bash unix encryption password-manager gnupg gpg password bash-script file-encryption
Shell
hashing crypto encryption argon2 password
JavaScript
docker kubernetes security containers secrets password k8s vulnerability-scanners security-tools devsecops secret-keys secrets-management secrets-detection scanning-tool infosectools
Go
- sc0tfree / mentalist - Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.
password wordlist cracking wordlist-generator wordlist-technique cracking-hashes
Python
- insightglacier / Dictionary-Of-Pentesting - [Dictionary collection project such as Pentesing, Fuzzing, Bruteforce and BugBounty. 渗透测试、SRC漏洞挖掘、爆破、Fuzzing等字典收集项目。
dns database spring-boot dictionary fingerprint wifi password bruteforce subdomain rce fuzzing pentesting regex-pattern bugbounty pentest payloads iot-security websecurity bugbountytips bughunting-methodology
Shell
- Viralmaniar / Passhunt - Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
security password cybersecurity penetration-testing pentest-tool security-testing default-password default-credentials
Python
- browserpass / browserpass-legacy - Legacy Browser pass repo, development is now happening at:
go firefox chrome password
JavaScript
password bruteforce brute-force-attacks brute-force duyetdev password-dictionaries seclists
react recaptcha dotnet powershell dotnetcore password-manager password iis activedirectory ssl-certificate self-service password-meter application-pool
C#
- CRAnimation / CRBoxInputView - Verify code input view. Support security type for password. 短信验证码输入框,支持密文模式
mobile placeholder phone-number phone uitextfield password uitextview verifycode verifycodeview
Objective-C
ldap password self-service self-service-password
PHP
- K8CScan - k8gege / K8CScan - K8Cscan大型内网渗透自定义插件化扫描神器,包含信息收集、网络资产、漏洞扫描、密码爆破、漏洞利用,程序采用多线程批量扫描大型内网多个IP段C段主机,目前插件包含: C段旁注扫描、子域名扫描、Ftp密码爆破、Mysql密码爆破、Oracle密码爆破、MSSQL密码爆破、Windows/Linux系统密码爆破、存活主机扫描、端口扫描、Web信息探测、操作系统版本探测、Cisco思科设备扫描等,支持调用任意外部程序或脚本,支持Cobalt Strike联动
mysql security exploit ftp scanner ipc smb oracle hacking password subdomain wmi poc mssql pentest crack portscan cobalt-strike getshell netscan
Passwords: Password Policies, Password Complexity Requirements, Password Expiration Policies, Password Rotation, Password History, Password Length, Multi-Factor Authentication, Password Managers, Secure Password Storage, Password Hashing Algorithms, Salted Password Hashing, Password Encryption, Password Recovery Processes, Password Reset Procedures, Password Audits, Password Strength Meters, Password Generation Algorithms, Biometric Authentication as Password Replacement, Single Sign-On (SSO) Systems, Two-Factor Authentication Methods, Passwordless Authentication, Social Login Integration, Phishing Resistance Techniques, User Education on Password Security, Account Lockout Mechanisms, Brute Force Attack Prevention, Dictionary Attack Mitigation, Credential Stuffing Defense Strategies, Security Questions for Password Recovery, Email Verification for Password Reset, Mobile Authentication for Password Management, Password Sharing Practices, Compliance Standards for Password Management, Password Synchronization Techniques, Password Aging Policies, Role-Based Password Access Control, Password Change Notifications, Temporary Passwords Handling, Password Encryption at Rest and in Transit, Third-Party Password Manager Security, Password Policy Enforcement Tools, User Behavior Analytics for Password Security, Zero Trust Approach to Password Management, Password Security for Remote Workers, Password Security Auditing Tools, Password Vulnerability Scanning, Automated Password Reset Solutions, Secure Password Exchange Protocols, Password Entropy Measurement
Passwords GitHub, Password topics, Passwordless, Password manager - Password management (LastPass, 1Password), Authentication, Personal identification number (PIN), Single signon, MFA-2FA, Microsoft Hello, Apple Face ID, Facial recognition, Biometric authentication, Iris recognition, Mainframe passwords (IBM RACF, Retinal scan, Eye vein verification, Recognition, Fingerprint recognition, Password cracking, Password hashing, Popular passwords, Strong passwords, Rainbow table, Secrets - Secrets management (HashiCorp Vault, Azure Vault, AWS Vault, GCP Vault), Passkeys, Awesome passwords (navbar_passwords - See also: navbar_passkeys, navbar_iam, navbar_pentesting, navbar_encryption, navbar_mfa)
Cloud Monk is Retired ( for now). Buddha with you. © 2025 and Beginningless Time - Present Moment - Three Times: The Buddhas or Fair Use. Disclaimers
SYI LU SENG E MU CHYWE YE. NAN. WEI LA YE. WEI LA YE. SA WA HE.