# Wordlist ## Public Wordlists
WordlistsDetails
WeakpassWebsite with collection of password lists for various purposes. See also API.
SecListsCollection of multiple types of lists.
### Default Credentials {% tabs %} {% tab title="Tools" %}
ToolDetails
DefaultCreds-cheat-sheet

Default credentials collected from multiple sources.
creds update

creds search <STRING> [export]

{% endtab %} {% tab title="Wordlists" %} * [CIRT.NET](https://www.cirt.net/passwords) * [SecList](https://github.com/danielmiessler/SecLists/blob/master/Passwords/Default-Credentials/default-passwords.csv) * [SCADAPASS](https://github.com/scadastrangelove/SCADAPASS/blob/master/scadapass.csv) * [Router](https://www.softwaretestinghelp.com/default-router-username-and-password-list/) {% endtab %} {% endtabs %} ## Wordlist Generation {% tabs %} {% tab title="Tools" %}
ToolDetails
crunchcrunch <MIN> <MAX> <CHARSET> [-t <PATTERN> -o <OUTPUT>]
, for all uppercase letters
@ for all lowercase letters
% for all numeric characters
^ for all special characters
CONST
CeWLWordlists based on the content of websites.
cewl http://<IP> -w <OUTPUT> -d <DEEP> -m <MIN> -x <MAX> --with-numbers --lowercase
cuppWordlists based on the profiling of a user.
cupp -i
pydictorA powerful and useful hacker dictionary builder.
pydictor -sedb
username-anarchyTool for generating possible usernames.
username-anarchy <NAME>
username-anarchy -i <FILE_NAMES>
RSManglerPerforms various manipulations on a wordlist.
rsmangler.rb -f <WORDLIST>
hashcat

Apply rules to a wordlist (/usr/share/hashcat/rules)

c $! $0
c $0 $1

hashcat -r <RULE_FILE> --stdout <WORDLIST>

{% endtab %} {% tab title="Webssite" %} * [Passgen (Weakpass) 1](https://weakpass.com/tools/passgen) * [Passgen (Weakpass) 2](https://zzzteph.github.io/weakpass/passgen/dist/) {% endtab %} {% tab title="To See" %}
ToolDetails
mentalistGraphical tool for generating custom wordlists that allows you to apply various rules.
cookAn overpower wordlist generator, splitter, merger, finder, saver, create words permutation and combinations, apply different encoding/decoding, etc.
{% endtab %} {% endtabs %} ### Common Patterns Globally common passwords {% code overflow="wrap" %} ``` password qwerty admin 123456 ``` {% endcode %} Season + year {% code overflow="wrap" %} ``` Spring2024, Spring2024! Summer2024, Summer2024! Autumn2024, Fall2024, Fall2024! Winter2025, Winter2025! ``` {% endcode %} Company name/app/domain {% code overflow="wrap" %} ``` app123, app2024, app2024! Company01, Company!23 Domain123, Domain! ``` {% endcode %} enterprise/IT patterns {% code overflow="wrap" %} ``` Admin123, Admin1234, Admin123! Password1, Password01, Password123, Password! Welcome1, Welcome01, Welcome123 ChangeMe123, Changeme1 P@ssw0rd, P4ssword!, P@ssword1 User123, User2025, User01 ``` {% endcode %} Usernames pattern {% code overflow="wrap" %} ``` David123, David2024, David! ``` {% endcode %} Keyboard pattern {% code overflow="wrap" %} ``` 1234, 1234567, 987654321 123123, 112233 qwerty1, qwerty12, qwerty! abc123 ``` {% endcode %} ### Leaks Searching for sensitive information via data breach * [HaveIBeenPwned](https://haveibeenpwned.com/) * [DeHashed](https://www.dehashed.com/) * [IntelBase](https://intelbase.is/) * [IntelligenceX](https://intelx.io/) * [SnusBase](https://snusbase.com/) * [Leak-Lookup](https://leak-lookup.com/) * [DataBreach](https://databreach.com/) * [BreachDirectory](https://breachdirectory.org/) * [ScatteredSecrets](https://scatteredsecrets.com/) ## Filtering wordlist It is very important to generate and use a wordlists that meets the **password requirements and policy**. ### I**nfer Policy** You can **infer** the password complexity policy in use on the target in the following ways: * Using the `user registration form`. * If `policy is provided on first error`, and if `policy is provided after n attempts`. * `guess policy by trial and error`, i.e., start with complex and appropriate password and then remove components to see if they are needed. ### Filter Wordlist To **filter** the wordlist you can use `grep`\ `$` : Start/Append, **`^`** : End/Prepend {% tabs %} {% tab title="Filter" %}
CommandDetails
grep [-v] '[[:classname:]]' <WORDLIST>Based on what they contain.
-v (NOT contain)
grep -x '.\{<LEN>\}’Of exact length <LEN>
grep -E '^.{<MIN>,<MAX>}$'Of length between <MIN> and <MAX>
grep -E '^.{6,}$' <WORDLIST> | grep -E '[A-Z]' | grep -E '[a-z]' | grep -E '[0-9]' | grep -E '([!@#$%^&*].*){2,}' > <OUTPUT_FILE>Concatenation
{% endtab %} {% tab title="classname" %}
ClassnameDetails
[[:graph:]] All printable characters except spaces and control characters.
[[:lower:]]All lowercase letters of the alphabet.
[[:print:]]All printable characters, including spaces.
[[:punct:]]All punctuation characters, such as commas, periods, semicolons, etc.
[[:space:]]All spacing characters, including spaces, tabs, line feeds, etc.
[[:upper:]]All capital letters of the alphabet.
[[:digit:]]All digits, from 0 to 9
[[:xdigit:]]All characters that are hexadecimal digits, that is, 0 to 9 and A to F (or a-f).
{% endtab %} {% endtabs %} ### Edit Wordlist Or **edit** the wordlist with `sed`
CommandDetails
sed -ri '/^.{,7}$/d' <WORDLIST>Remove shorter than 8
sed -ri '/[!-/:-@\[-`\{-~]+/!d' <WORDLIST>Remove no special chars
sed -ri '/[0-9]+/!d' <WORDLIST>Remove no numbers
sed -ri '/[A-Z]/!d' <WORDLIST>Remove no uppercase
sed -ri '/[a-z]/!d' <WORDLIST>Remove no lowercase
sed -r '/^.{,7}$/d' <WORDLIST> | sed -r '/[!-/:-@\[-`\{-~]+/!d' | sed -r '/[0-9]+/!d' >> <OUTPUT>Concatenation