SETUP USERNAME AND PASSWORD DICTIONARIES

GET THEM READY

mkdir -p /usr/share/wordlists/
cd /usr/share/wordlists/

ssh optimized

wget https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Passwords/Common-Credentials/top-20-common-SSH-passwords.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/refs/heads/master/Passwords/Default-Credentials/ssh-betterdefaultpasslist.txt

eventually rename files with a relevant extension, so you know what it’s offering

mv ssh-betterdefaultpasslist.txt ssh-betterdefaultpasslist.passwd
ls -lF top-20-common-SSH-passwords.txt

rockyou password list

wget http://downloads.skullsecurity.org/passwords/rockyou.txt.bz2
bunzip2 rockyou.txt.bz2

seclists lists

usernames

wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Usernames/cirt-default-usernames.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Usernames/top-usernames-shortlist.txt

passwords

wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/Common-Credentials/10-million-password-list-top-1000000.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/2020-200_most_used_passwords.txt
wget https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/cirt-default-passwords.txt

improved lists

not sure awk below manages multiples files

#10-million-password-list-top-1000000.txt \
#   2020-200_most_used_passwords.txt cirt-default-passwords.txt rockyou.txt > passwords.concat.txt

remove duplicate lines w/o sorting

awk '!a[$0]++' top-usernames-shortlist.txt cirt-default-usernames.txt > usernames.concat.txt

READY TO GO

you are now ready for some brutalization

RESOURCES

Passwords https://wiki.skullsecurity.org/Passwords

rockyou https://github.com/praetorian-inc/Hob0Rules/tree/master/wordlists

rockyou https://tools.kali.org/password-attacks/wordlists

rockyou http://cybertheta.blogspot.com/2017/08/password-dictionary.html

SecLists/Passwords/ https://github.com/danielmiessler/SecLists/tree/master/Passwords

SecLists/Usernames/ https://github.com/danielmiessler/SecLists/tree/master/Usernames

Remove duplicate lines without sorting [duplicate] https://stackoverflow.com/questions/11532157/remove-duplicate-lines-without-sorting

Where can I find wordlist for most common username and passwords? https://www.reddit.com/r/AskNetsec/comments/878lf5/where_can_i_find_wordlist_for_most_common/

Kali Linux Cheat Sheet https://comparite.ch/kalics ==> https://cdn.comparitech.com/wp-content/uploads/2021/07/Kali-Linux-Cheat-Sheet-1.pdf


HOME | GUIDES | LECTURES | LAB | SMTP HEALTH | HTML5 | CONTACT
Copyright © 2024 Pierre-Philipp Braun