# Wordlist

## Wordlist

### Colors Wordlist:

```shell
wget https://gist.githubusercontent.com/mordka/c65affdefccb7264efff77b836b5e717/raw/e65646a07849665b28a7ee641e5846a1a6a4a758/colors-list.txt
```

### Most popular world cities

Can be useful when performing brute-force attacks on question-based password authentication.

To keep only the city column, you can use the following command:

```bash
cat world-cities.csv | cut -d ',' -f1 > city_wordlist.txt

#Take only the German cities
cat world-cities.csv | grep Germany | cut -d ',' -f1 > german_cities.txt
```

{% embed url="<https://github.com/datasets/world-cities/blob/main/data/world-cities.csv>" %}

### Seclists

#### Password list from Seclists:

```bash
#Download the seclists wordlist with curl
curl -s -O https://raw.githubusercontent.com/danielmiessler/SecLists/56a39ab9a70a89b56d66dad8bdffb887fba1260e/Passwords/2023-200_most_used_passwords.txt
```

#### Most used passwords from Seclists:

{% embed url="<https://raw.githubusercontent.com/danielmiessler/SecLists/56a39ab9a70a89b56d66dad8bdffb887fba1260e/Passwords/2023-200_most_used_passwords.txt>" %}

{% embed url="<https://github.com/danielmiessler/SecLists>" %}

#### Default credentials

{% embed url="<https://github.com/danielmiessler/SecLists/tree/master/Passwords/Default-Credentials>" %}

### SCADA wordlist with Default passwords

<https://github.com/scadastrangelove/SCADAPASS/tree/master>

## Crunch

Generate a wordlist based on specific criteria:

```bash
man crunch
```

In the following example we generate 2 characters per line from the mentioned letters and numbers. With `-t`, each line starts with a lowercase position (`@`) and ends with a number (`%`).

Here is a Bash command used to generate a custom wordlist using the `crunch` tool:

```bash
crunch 2 2 abcdefghijklmnop1234566 -t @% > word
```

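Create a wordlist of numbers up to 4 digits long (1 to 9999):

```bash
# Every digit string of length 1 to 4 (zero-padded forms such as 0042 included), written to the file "digits"
crunch 1 4 0123456789 -o digits
# Plain integers 1 to 10000, one per line
seq 1 10000 > ports.txt
```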

### Bash

Create a file containing the numbers 1 to 1000 with bash:

```bash
# Append each number to ids.txt, one per line
for i in $(seq 1 1000); do echo "$i" >> ids.txt; done
```

## Custom wordlists

Username Anarchy generates potential usernames based on a target's name.

| Command                               | Description                                                                                   |
| ------------------------------------- | --------------------------------------------------------------------------------------------- |
| `username-anarchy Jane Smith`         | Generate possible usernames for "Jane Smith"                                                  |
| `username-anarchy -i names.txt`       | Use a file (`names.txt`) with names for input. Can handle space, CSV, or TAB delimited names. |
| `username-anarchy -a --country us`    | Automatically generate usernames using common names from the US dataset.                      |
| `username-anarchy -l`                 | List available username format plugins.                                                       |
| `username-anarchy -f format1,format2` | Use specific format plugins for username generation (comma-separated).                        |
| `username-anarchy -@ example.com`     | Append `@example.com` as a suffix to each username.                                           |
| `username-anarchy --case-insensitive` | Generate usernames in case-insensitive (lowercase) format.                                    |

CUPP (Common User Passwords Profiler) creates personalized password wordlists based on gathered intelligence.

| Command                | Description                                                         |
| ---------------------- | ------------------------------------------------------------------- |
| `cupp -i`              | Generate wordlist based on personal information (interactive mode). |
| `cupp -w profiles.txt` | Generate a wordlist from a predefined profile file.                 |
| `cupp -l`              | Download popular password lists like `rockyou.txt`.                 |

#### Password Policy Filtering

Password policies often dictate specific requirements for password strength, such as minimum length, inclusion of certain character types, or exclusion of common patterns. `grep` combined with regular expressions can be a powerful tool for filtering wordlists to identify passwords that adhere to a given policy. Below is a table summarizing common password policy requirements and the corresponding `grep` regex patterns to apply:

```bash
grep '[[:upper:]]' /opt/useful/seclists/Passwords/Leaked-Databases/rockyou.txt | grep '[[:lower:]]' | grep '[[:digit:]]' | grep -E '.{10}' > custom_wordlist.txt
```

Password policy example:

* Minimum Length: 6 characters
* Must Include:
  * At least one uppercase letter
  * At least one lowercase letter
  * At least one number
  * At least two special characters (from the set `!@#$%^&*`)

We can use the following filters to match the password policy above:

```bash
grep -E '^.{6,}$' jane.txt | grep -E '[A-Z]' | grep -E '[a-z]' | grep -E '[0-9]' | grep -E '([!@#$%^&*].*){2,}' > jane-filtered.txt
```
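
The example policy above, checked in a single `awk` pass instead of a `grep` chain (an added example, not part of the original page; `policy_filter`, `sample_wordlist` and `count_accepted` are hypothetical names and the sample entries are constructed). Run against a common-password list, it shows how many known-weak entries a policy would still accept.

```bash
#!/usr/bin/env bash
# Added example: single-pass password policy filter (not from the original page).
# Usage: policy_filter MINLEN MINSPECIAL < wordlist
# Prints lines with at least MINLEN characters, one uppercase letter,
# one lowercase letter, one digit and MINSPECIAL characters from !@#$%^&*.
policy_filter() {
  local minlen="$1" minspecial="$2"
  LC_ALL=C awk -v minlen="$minlen" -v minspecial="$minspecial" '
    {
      sub(/\r$/, "")                      # tolerate CRLF line endings
      if (length($0) < minlen) next       # minimum length
      if ($0 !~ /[A-Z]/ || $0 !~ /[a-z]/ || $0 !~ /[0-9]/) next
      tmp = $0
      n = gsub(/[!@#$%^&*]/, "", tmp)     # gsub returns the number of matches
      if (n >= minspecial) print
    }'
}

# Constructed sample entries (not real credentials).
sample_wordlist() {
  printf '%s\n' 'jane' 'Jane1990' 'Jane1990!' 'J@ne!1' \
    'jane!!1990' 'JANE#1990$' 'Ja1!*' 'Smith@Jane#7'
}

# Number of sample entries the example policy (length 6, two specials) accepts.
count_accepted() {
  sample_wordlist | policy_filter 6 2 | wc -l | tr -d ' '
}

# Prints the accepted entries: J@ne!1 and Smith@Jane#7
sample_wordlist | policy_filter 6 2
```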

| Policy Requirement                         | Grep Regex Pattern                                       | Explanation                                                                                                                                                                                                                                                                                                                                                                                                               |
| ------------------------------------------ | -------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Minimum Length (e.g., 8 characters)        | `grep -E '^.{8,}$' wordlist.txt`                         | `^` matches the start of the line, `.` matches any character, `{8,}` matches 8 or more occurrences, `$` matches the end of the line.                                                                                                                                                                                                                                                                                      |
| At Least One Uppercase Letter              | `grep -E '[A-Z]' wordlist.txt`                           | `[A-Z]` matches any uppercase letter.                                                                                                                                                                                                                                                                                                                                                                                     |
| At Least One Lowercase Letter              | `grep -E '[a-z]' wordlist.txt`                           | `[a-z]` matches any lowercase letter.                                                                                                                                                                                                                                                                                                                                                                                     |
| At Least One Digit                         | `grep -E '[0-9]' wordlist.txt`                           | `[0-9]` matches any digit.                                                                                                                                                                                                                                                                                                                                                                                                |
| At Least One Special Character             | `grep -E '[!@#$%^&*()_+-=[]{};':"\,.<>/?]' wordlist.txt` | `[!@#$%^&*()_+-=[]{};':"\,.<>/?]` matches any special character (symbol).                                                                                                                                                                                                                                                                                                                                                 |
| No Consecutive Repeated Characters         | `grep -E '(.)\1' wordlist.txt`                           | `(.)` captures any character, `\1` matches the previously captured character. This pattern will match any line with consecutive repeated characters. Use `grep -v` to invert the match.                                                                                                                                                                                                                                   |
| Exclude Common Patterns (e.g., "password") | `grep -v -i 'password' wordlist.txt`                     | `-v` inverts the match, `-i` makes the search case-insensitive. This pattern will exclude any line containing "password" (or "Password", "PASSWORD", etc.).                                                                                                                                                                                                                                                               |
| Exclude Dictionary Words                   | `grep -v -f dictionary.txt wordlist.txt`                 | `-f` reads patterns from a file. `dictionary.txt` should contain a list of common dictionary words, one per line.                                                                                                                                                                                                                                                                                                         |
| Combination of Requirements                | `grep -E '^.{8,}$' wordlist.txt \| grep -E '[A-Z]'`      | This command filters a wordlist to meet multiple password policy requirements. It first ensures that each word has a minimum length of 8 characters (`grep -E '^.{8,}$'`), and then it pipes the result into a second `grep` command to match only words that contain at least one uppercase letter (`grep -E '[A-Z]'`). This approach ensures the filtered passwords meet both the length and uppercase letter criteria. |

