Wordlists & co.

Resources

https://github.com/six2dez/OneListForAll

https://github.com/danielmiessler/SecLists https://github.com/kaonashi-passwords/Kaonashi https://github.com/tarraschk/richelieu https://github.com/brannondorsey/naive-hashcat/releases/download/data/rockyou.txt https://packetstormsecurity.com/Crackers/wordlists/page4/ http://www.gwicks.net/dictionaries.htm # SCADA Default Passwords http://www.critifence.com/default-password-database/ https://weakpass.com/ https://github.com/berzerk0/Probable-Wordlists # Looks very cool wordlists https://github.com/FlameOfIgnis/Pwdb-Public CeWL # CeWL allows you to build custom wordlists based on online resources # If you know that your target is target.com, you can parse web content to build lists # Can be time consuming # 5 levels of depth and minimum 7 char per word cewl -w customwordlist.txt -d 5 -m 7 www.sans.org # Also visit and parse other sites cewl -w customwordlist.txt -d 5 -m 7 -o www.sans.org # Include e-mail adresses cewl -w customwordlist.txt -d 5 -m 7 -e www.sans.org PACK # Password Analysis and Cracking Kit # You can get stats about already cracked passwords # In order to define new masks https://github.com/iphelix/pack python statsgen.py rockyou.txt Combinator # Combinator is part of the hashcat-utils # It can be used to prepare a combinated wordlist for cracking # It allows then to combination + others settings like masks or rules combinator.exe file1 file2 # It can create MASSIVE wordlists and take some time to run. # Three files combination combinator2.exe file1 file2 file3 # You can also feed output directly to hashcat combinator.exe file1 file2 | hashcat -m x hashs.file -a 0 --force -O