{"id":17141029,"url":"https://github.com/0xhjk/totalpass","last_synced_at":"2025-04-13T05:13:17.990Z","repository":{"id":39340062,"uuid":"248681581","full_name":"0xHJK/TotalPass","owner":"0xHJK","description":"Default password scanner. 默认密码扫描器","archived":false,"fork":false,"pushed_at":"2020-04-27T03:44:27.000Z","size":1127,"stargazers_count":194,"open_issues_count":1,"forks_count":15,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-04-13T05:13:09.552Z","etag":null,"topics":["brute-force","bug-bounty","hacking","password","password-cracker","pentesting","redis","scanner","security","snmp","ssh","telnet"],"latest_commit_sha":null,"homepage":"https://github.com/0xHJK/TotalPass","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0xHJK.png","metadata":{"files":{"readme":"README.md","changelog":"HISTORY.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-20T06:11:40.000Z","updated_at":"2025-01-17T18:27:47.000Z","dependencies_parsed_at":"2022-09-14T12:31:26.260Z","dependency_job_id":null,"html_url":"https://github.com/0xHJK/TotalPass","commit_stats":null,"previous_names":["0xhjk/totalpwd"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2FTotalPass","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2FTotalPass/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2FTotalPass/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0xHJK%2FTotalPass/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0xHJK","download_url":"https://codeload.github.com/0xHJK/TotalPass/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248665746,"owners_count":21142123,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","bug-bounty","hacking","password","password-cracker","pentesting","redis","scanner","security","snmp","ssh","telnet"],"created_at":"2024-10-14T20:24:08.522Z","updated_at":"2025-04-13T05:13:17.948Z","avatar_url":"https://github.com/0xHJK.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# TotalPass\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/0xHJK/TotalPass\"\u003e\n    \u003cimg src=\"https://github.com/0xHJK/TotalPass/raw/master/totalpass.jpg\" alt=\"totalpass\"\u003e\n  \u003c/a\u003e\n  \u003cspan\u003eTotalPass 是一款默认口令/弱口令扫描工具\u003c/span\u003e\u003cbr\u003e\n\u003cp\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca\u003e\u003cimg src=\"https://img.shields.io/pypi/pyversions/TotalPass.svg\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/0xHJK/TotalPass/releases\"\u003e\n    \u003cimg src=\"https://img.shields.io/github/v/release/0xHJK/TotalPass?include_prereleases\"\u003e\n  \u003c/a\u003e\n  \u003ca\u003e\u003cimg src=\"https://img.shields.io/github/license/0xHJK/TotalPass\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://github.com/0xHJK/TotalPass\"\u003ehttps://github.com/0xHJK/TotalPass\u003c/a\u003e\n\u003c/p\u003e\n\n\u003chr\u003e\n\n\u003e ⚠️ **警告：本工具仅用于授权测试，不得用于非法用途，否则后果自负！**\n\u003e \n\u003e ⚠️ **WARNING：FOR LEGAL PURPOSES ONLY!**\n\n\n## 🤘 Features\n\n1. 扫描目标设备是否存在默认密码\n2. 搜索常见设备默认密码\n3. 支持手动和自动更新密码库\n\n目前支持的默认密码扫描类型有\n- SSH\n- Telnet\n- SNMP\n- Redis\n\n## 🚀 QuickStart\n\n```bash\n$ pip3 install totalpass\n$ totalpass scan 192.168.1.1\n```\n\n手动安装\n```bash\n$ git clone https://github.com/0xHJK/TotalPass\n$ cd TotalPass\n$ python3 setup.py install\n```\n\n## 💫 Usage\n\n查看帮助\n\n```bash\n$ totalpass --help\nUsage: totalpass.py [OPTIONS] COMMAND [ARGS]...\n\nOptions:\n  --version  Show the version and exit.\n  --help     Show this message and exit.\n\nCommands:\n  list    列出所有支持的设备信息和服务类型\n  scan    指定目标进行密码扫描\n  search  从密码库中搜索密码\n  update  从 cirt.net 更新密码库\n```\n\n查看扫描命令帮助\n```bash\n$ totalpass scan --help\nUsage: totalpass.py scan [OPTIONS] TARGET...\n\n  指定目标进行密码扫描\n\nOptions:\n  -x, --name TEXT        指定设备型号或品牌\n  -c, --category TEXT    指定扫描类型\n  -p, --port INTEGER     指定扫描端口\n  -d, --dirname TEXT     指定字典目录或文件\n  --common               使用常见弱口令字典\n  -t, --threads INTEGER  指定线程数量\n  -v, --verbose          详细输出模式\n  --help                 Show this message and exit.\n```\n\n## 🤖 Scanner\n\n对单一IP进行所有扫描\n```bash\n$ totalpass scan 192.168.1.1\n```\n\n使用详细模式\n```bash\n$ totalpass scan -v 192.168.1.1\n```\n\n指定扫描类型进行扫描\n```bash\n$ totalpass scan -c ssh 192.168.1.1\n```\n\n指定端口进行扫描\n```bash\n$ totalpass scan -p 22 192.168.1.1\n```\n\n自定义字典进行扫描\n```bash\n$ totalpass scan -d your-wordlist 192.168.1.1\n```\n\n对多个IP进行扫描（速度较慢）\n```bash\n$ totalpass scan 192.168.1.1 192.168.1.2\n\n$ totalpass scan 192.168.1.1/24\n```\n\n## 🔑 Passwords\n\n查看支持的扫描类型\n```bash\n$ totalpass list\n```\n\n在密码库中搜索密码\n```bash\n$ totalpass search weblogic\n```\n\n在密码库中搜索密码（以表格形式显示）\n```bash\n$ totalpass search -v tomcat\n```\n\n在密码库中搜索密码（以完整形式显示）\n```bash\n$ totalpass search -vv tomcat\n```\n\n多个条件搜索\n```bash\n$ totalpass search oracle unix\n```\n\n更新密码库\n```bash\n$ totalpass update\n```\n\n## 🧩 Options\n\n### 扫描目标\n\n扫描目标支持单个IP、多个IP、子网、指定类型和端口等形式\n```bash\n$ totalpass scan 192.168.1.1\n\n$ totalpass scan 192.168.1.1 192.168.1.2\n\n$ totalpass scan 192.168.1.1/24\n\n$ totalpass scan redis://192.168.1.1:6379\n```\n\n### 设备类型或名称\n\n参数：`-x`或`--name=`\n\n对应payloads目录中的yml文件的name属性\n\n### 扫描类型\n\n参数：`-c`或`--category=`\n\n对应payloads目录中的yml文件的category属性，也和`addons`目录中的插件名称对应，如果不指定则默认使用所有插件。\n\n支持多种类型，如`-c ssh -c telnet`\n\n### 扫描端口\n\n参数：`-p`或`--port=`\n\n不指定则使用默认端口\n\n### 线程数量\n\n参数：`-t`或`--threads=`\n\n默认10线程\n\n### 常见弱口令\n\n参数：`--common`\n\n在匹配的yml文件之外，使用csv文件中常见弱口令进行爆破\n\n### 自定义字典\n\n参数：`-d`或`--dirname=`\n\n可以指定字典目录或字典文件\n\n### 详细模式\n\n参数：`-v` `-vv` `-vvv`\n\n`v`越多，输出越详细\n\n\n## 📜 History\n\n\u003chttps://github.com/0xHJK/TotalPass/blob/master/HISTORY.md\u003e\n\n## 🤝 Contributing\n\n\u003chttps://github.com/0xHJK/TotalPass/blob/master/CONTRIBUTING.md\u003e\n\n## 📄 License\n\n[MIT License](https://github.com/0xHJK/TotalPass/blob/master/LICENSE)\n\n## ❤️ Donate\n\nBTC：bc1qn hvev dghq uzc3 fh9c qdja 63ut qqgn va3l h6n2s\n\nWechat：\n\n![Wechat](https://github.com/0xHJK/music-dl/raw/master/static/wepay.jpg)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xhjk%2Ftotalpass","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0xhjk%2Ftotalpass","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0xhjk%2Ftotalpass/lists"}