We are all pretty familiar with rockyou.txt and if you’re not, it’s the one password file that is shipped with Kali by default. Honestly, if you’re using a password in this text file, you’re just asking to be hacked. Let’s assume the account you’re attacking isn’t using ‘p@55w0rd12’ or one of the other common passwords in this file. Say we want to expand our library to include more recent passwords. Let’s cover a few of these extra password files to take your cracking game to the next level!
Seclists
SecLists offers a comprehensive array of lists for use in security evaluations. This collection encompasses various types, such as usernames, passwords, URLs, strings for sensitive data searches, fuzzing payloads, among others.
Its purpose is to provide security testers with an easily accessible repository of diverse lists, readily available for use on a new testing system. This ensures that they have all necessary types of lists at their disposal for effective security testing.
This list is super easy to install with Kali. Just run this command and it’ll load up this highly recommended list:
sudo apt install seclistsRockYou2021
Coming in at a little over 82 billion passwords, this list is not only huge but also large in size too! Thirteen files and each one around 1 gigabyte compressed, you can just imagine how big this text file is.
Loading this file is pretty easy with github!
You’ll be downloading these files with either a torrent or just getting them off the web. Here are the links you’ll be needing for this little project.
Torrent File: https://mega.nz/file/bOxEUYLS#i4QuvXrfXQjPfWcsj4pokXEMPwZ7VZC1IzJwzPHlvmM
1GB Chunks https://mega.nz/folder/aDpmxCiD#f_pSJ0vV698-Ev1mbyYNAQ
Have some patience when you’re extracting this beast!
Crunch
Maybe you don’t like having your password list made for you. You’re in luck! If you have a little bit of CPU power, we can make our own password list. Please keep in mind that this can take a significant amount of time, so have patience!
Installing crunch is just as easy as seclists
apt sudo install crunchOf course you’ll have to learn a bit of parameter syntax to start generating. Check out the crunch site to get started! Networkwalks also wrote up a very extensive article with all of the different parameters you can use.
