SETUP USERNAME AND PASSWORD DICTIONARIES

GET THEM READY

mkdir -p /usr/share/wordlists/
cd /usr/share/wordlists/

also note there are many wordlists that come with metasploit

    /opt/metasploit-framework/data/wordlists/

ssh optimized

wget https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Passwords/Common-Credentials/top-20-common-SSH-passwords.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Passwords/Default-Credentials/ssh-betterdefaultpasslist.txt

then rename the file with a descriptive extension, so you know what it contains

mv ssh-betterdefaultpasslist.txt ssh-betterdefaultpasslist.LOGIN-AND-PASSWORD.txt

then make a password-only file and a login-only file out of that

# -f2- keeps everything after the first colon, so a password containing ':' is not truncated
cut -f2- -d: ssh-betterdefaultpasslist.LOGIN-AND-PASSWORD.txt | grep -v '^$' | sort -uV \
    > ssh-betterdefaultpasslist.PASSWORD-ONLY.txt

cut -f1 -d: ssh-betterdefaultpasslist.LOGIN-AND-PASSWORD.txt | grep -v '^$' | sort -uV \
    > ssh-betterdefaultpasslist.LOGIN-ONLY.txt

and finally merge with the other list to produce an optimized password list

cat ssh-betterdefaultpasslist.PASSWORD-ONLY.txt top-20-common-SSH-passwords.txt | sort -uV > ssh-passwords.txt
wc -l ssh-betterdefaultpasslist.PASSWORD-ONLY.txt
wc -l top-20-common-SSH-passwords.txt
wc -l ssh-passwords.txt

rockyou password list

wget http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
bunzip2 rockyou.txt.bz2 

seclists lists

usernames

wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Usernames/cirt-default-usernames.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Usernames/top-usernames-shortlist.txt

passwords

wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/2020-200_most_used_passwords.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/cirt-default-passwords.txt

improved lists

not sure awk below manages multiple files

#10-million-password-list-top-1000000.txt \
#   2020-200_most_used_passwords.txt cirt-default-passwords.txt rockyou.txt > passwords.concat.txt

remove duplicate lines w/o sorting

awk '!a[$0]++' top-usernames-shortlist.txt cirt-default-usernames.txt > usernames.concat.txt
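
The login/password split from the ssh section and the awk de-duplication above, written as two shell functions. This is an added example, not part of the original notes; the function names `split_creds` and `merge_unique` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original page). All sample data is constructed.

# split_creds FILE PREFIX
# Split a login:password list at the FIRST colon only, so a password that
# itself contains ':' stays whole. Strips the CR of CRLF files, skips empty
# fields and drops duplicates while keeping first-seen order.
split_creds() {
    awk -v lf="$2.LOGIN-ONLY.txt" -v pf="$2.PASSWORD-ONLY.txt" '
        { sub(/\r$/, "") }
        {
            i = index($0, ":")
            if (i == 0) next                 # not a login:password line
            login = substr($0, 1, i - 1)
            pass  = substr($0, i + 1)
            if (login != "" && !seen_l[login]++) print login > lf
            if (pass  != "" && !seen_p[pass]++)  print pass  > pf
        }' "$1"
}

# merge_unique FILE...
# awk reads each file operand in turn and the seen[] array persists across
# them, so duplicates are removed across files, not only within one. Unlike
# "cat a b | ...", a file without a trailing newline is not glued to the
# first line of the next file.
merge_unique() {
    awk '{ sub(/\r$/, "") } $0 != "" && !seen[$0]++' "$@"
}

# --- constructed sample input ---
demo=$(mktemp -d)
printf 'root:toor\r\nadmin:pa:ss\r\nroot:admin\r\nguest:\r\n' > "$demo/creds.txt"
printf 'toor\n123456\nadmin' > "$demo/top.txt"    # no trailing newline

split_creds "$demo/creds.txt" "$demo/creds"
merge_unique "$demo/creds.PASSWORD-ONLY.txt" "$demo/top.txt" > "$demo/merged.txt"
cat "$demo/merged.txt"
```
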

russian speaking folks

git clone https://github.com/sharsi1/russkiwlst.git
sudo cp -f russkiwlst/*.lst /usr/share/wordlists/

resources

Passwords https://wiki.skullsecurity.org/Passwords

rockyou https://github.com/praetorian-inc/Hob0Rules/tree/master/wordlists

rockyou https://tools.kali.org/password-attacks/wordlists

rockyou http://cybertheta.blogspot.com/2017/08/password-dictionary.html

SecLists/Passwords/ https://github.com/danielmiessler/SecLists/tree/master/Passwords

SecLists/Usernames/ https://github.com/danielmiessler/SecLists/tree/master/Usernames

Remove duplicate lines without sorting [duplicate] https://stackoverflow.com/questions/11532157/remove-duplicate-lines-without-sorting

Where can I find wordlist for most common username and passwords? https://www.reddit.com/r/AskNetsec/comments/878lf5/where_can_i_find_wordlist_for_most_common/

Kali Linux Cheat Sheet https://comparite.ch/kalics ==> https://cdn.comparitech.com/wp-content/uploads/2021/07/Kali-Linux-Cheat-Sheet-1.pdf


https://github.com/random-robbie/bruteforce-lists

https://github.com/Bo0oM/fuzz.txt

https://github.com/berzerk0/Probable-Wordlists


Copyright © 2024 Pierre-Philipp Braun