LinkedIn

Wordlist

Wordlist

Colors Wordlist:

wget https://gist.githubusercontent.com/mordka/c65affdefccb7264efff77b836b5e717/raw/e65646a07849665b28a7ee641e5846a1a6a4a758/colors-list.txt

Most popular world cities

Can be useful when performing brute-force attacks on question-based password authentication.

To take only the city, you can use the following command

cat world-cities.csv | cut -d ',' -f1 > city_wordlist.txt

#Take only the German cities
cat world-cities.csv | grep Germany | cut -d ',' -f1 > german_cities.txt
Logoworld-cities/data/world-cities.csv at main · datasets/world-citiesGitHub

Seclists

Password list from Seclists:

#Download the seclists wordlist with curl
curl -s -O https://raw.githubusercontent.com/danielmiessler/SecLists/56a39ab9a70a89b56d66dad8bdffb887fba1260e/Passwords/2023-200_most_used_passwords.txt

Most used passwords from Seclists:

https://raw.githubusercontent.com/danielmiessler/SecLists/56a39ab9a70a89b56d66dad8bdffb887fba1260e/Passwords/2023-200_most_used_passwords.txtraw.githubusercontent.com

LogoGitHub - danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.GitHub

Default credentials

LogoSecLists/Passwords/Default-Credentials at master · danielmiessler/SecListsGitHub

SCADA wordlist with Default passwords

https://github.com/scadastrangelove/SCADAPASS/tree/master

Crunch

Generate a wordlist based on specific criteria 

man crunch

In the following example we generate 2 caracters per line with the mentinned letteers and numbers -t starts with lowercase (@) and ends with number (%)

Here is a Bash command used to generate a custom wordlist using the crunch tool:

Crunch 2 2 abcdefghijklmnop1234566 -t @% > word

Create 4 digits wordlist starting from 1 to 9999:

crunch 1 4 0123456789 -o digits
seq 1 10000 > ports.txt

Bash

Create a file containing 1 to 1000 digits with bash:

for i in $(seq 1 1000); do echo $i >> ids.txt; done

Custom wordlists

Username Anarchy generates potential usernames based on a target's name.

Command
Description

username-anarchy Jane Smith

Generate possible usernames for "Jane Smith"

username-anarchy -i names.txt

Use a file (names.txt) with names for input. Can handle space, CSV, or TAB delimited names.

username-anarchy -a --country us

Automatically generate usernames using common names from the US dataset.

username-anarchy -l

List available username format plugins.

username-anarchy -f format1,format2

Use specific format plugins for username generation (comma-separated).

username-anarchy -@ example.com

Append @example.com as a suffix to each username.

username-anarchy --case-insensitive

Generate usernames in case-insensitive (lowercase) format.

CUPP (Common User Passwords Profiler) creates personalized password wordlists based on gathered intelligence.

Command
Description

cupp -i

Generate wordlist based on personal information (interactive mode).

cupp -w profiles.txt

Generate a wordlist from a predefined profile file.

cupp -l

Download popular password lists like rockyou.txt.

Password Policy Filtering

Password policies often dictate specific requirements for password strength, such as minimum length, inclusion of certain character types, or exclusion of common patterns. grep combined with regular expressions can be a powerful tool for filtering wordlists to identify passwords that adhere to a given policy. Below is a table summarizing common password policy requirements and the corresponding grep regex patterns to apply:

grep '[[:upper:]]' /opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt | grep '[[:lower:]]' | grep '[[:digit:]]' | grep -E '.{10}' > custom_wordlist.txt

Password policy example:

  • Minimum Length: 6 characters

  • Must Include:

    • At least one uppercase letter

    • At least one lowercase letter

    • At least one number

    • At least two special characters (from the set !@#$%^&*)

We can use the following filters to match the password policy above

grep -E '^.{6,}$' jane.txt | grep -E '[A-Z]' | grep -E '[a-z]' | grep -E '[0-9]' | grep -E '([!@#$%^&*].*){2,}' > jane-filtered.txt
Policy Requirement
Grep Regex Pattern
Explanation

Minimum Length (e.g., 8 characters)

grep -E '^.{8,}$' wordlist.txt

^ matches the start of the line, . matches any character, {8,} matches 8 or more occurrences, $ matches the end of the line.

At Least One Uppercase Letter

grep -E '[A-Z]' wordlist.txt

[A-Z] matches any uppercase letter.

At Least One Lowercase Letter

grep -E '[a-z]' wordlist.txt

[a-z] matches any lowercase letter.

At Least One Digit

grep -E '[0-9]' wordlist.txt

[0-9] matches any digit.

At Least One Special Character

grep -E '[!@#$%^&*()_+-=[]{};':"\,.<>/?]' wordlist.txt

[!@#$%^&*()_+-=[]{};':"\,.<>/?] matches any special character (symbol).

No Consecutive Repeated Characters

grep -E '(.)\1' wordlist.txt

(.) captures any character, \1 matches the previously captured character. This pattern will match any line with consecutive repeated characters. Use grep -v to invert the match.

Exclude Common Patterns (e.g., "password")

grep -v -i 'password' wordlist.txt

-v inverts the match, -i makes the search case-insensitive. This pattern will exclude any line containing "password" (or "Password", "PASSWORD", etc.).

Exclude Dictionary Words

grep -v -f dictionary.txt wordlist.txt

-f reads patterns from a file. dictionary.txt should contain a list of common dictionary words, one per line.

Combination of Requirements

grep -E '^.{8,}$' wordlist.txt | grep -E '[A-Z]'

This command filters a wordlist to meet multiple password policy requirements. It first ensures that each word has a minimum length of 8 characters (grep -E '^.{8,}$'), and then it pipes the result into a second grep command to match only words that contain at least one uppercase letter (grep -E '[A-Z]'). This approach ensures the filtered passwords meet both the length and uppercase letter criteria.

PreviousHash CrackingNextEncoding/decoding

Last updated