Default passwords and Password reuse is prominent in Internal Penetration tests
In addition, easy-to-remember passwords that can be typed quickly instead of typing 15-character long passwords are often used repeatedly because Single-Sign-On (SSO) is not always immediately available during initial installation, and configuration in internal networks requires significant changes.
There are various databases that keep a running list of known default credentials. One of them is the DefaultCreds-Cheat-Sheet
Attacking those services with the default or obtained credentials is called Credential Stuffing.
Credential Stuffing - Hydra Syntax
hydra -C <user_pass.list> <protocol>://<IP>Example:
hydra -C user_pass.list ssh://10.129.42.197Also search for default credentials from google
Besides the default credentials for applications, some lists offer them for routers. One of these lists can be found here.
Practice Lab
after ssh , use this sheet for mysql default creds (superdba)