Backup_Repos/SecLists
1
0
Fork 0
mirror of https://github.com/danielmiessler/SecLists synced 2026-04-27 17:35:07 +02:00
Code Issues Projects Releases Wiki Activity
3866 commits 2 branches 31 tags 2.3 GiB
Commit graph

330 commits

Author SHA1 Message Date
Oliver Boehlk
f317871261 add localized wikipedia wordlists 2023-06-28 12:28:35 +02:00
Marios K. Pappas
b8a5b67a5a
Added some commonly used rotated passwords. 
This wordlist contains some commonly used passwords that can be found in O365, OWA, and Active Directory environments. They are oriented toward password spraying once the tester gets hold of a list of valid email addresses. The wordlist can be easily modified (e.g testers can change the COMPANY SPORTS_TEAM/HOBBY, LOCATION, and DEPARTMENT values to match their current target).
 2023-02-22 19:42:58 +02:00
g0tmi1k
9df8137868
Merge pull request #825 from its0x08/patch-2 
Dedupe wordlists
 2022-11-22 12:23:09 +00:00
0x08
5a4acd41bd
fix: Dedupe wordlist 2022-11-07 13:01:06 +03:00
0x08
2b6d44ccc4
fix: Dedupe wordlist 2022-11-07 12:34:57 +03:00
0x08
256f4f7d35
fix: Dedupe wordlist 2022-11-07 12:32:42 +03:00
0x08
21b131cd57
fix: Dedupe wordlist 2022-11-07 12:23:37 +03:00
0x08
b9a53f09be
fix: Dedupe wordlist 
- Removed duplicated entries.
 2022-11-07 12:18:49 +03:00
vah_13
23e94476a3
update default-passwords.csv 
Add SAP passwords for CA Introscope Enterprise Manager
 2022-08-22 19:55:03 +04:00
g0t mi1k
324af1d66f Merge into README.md 2022-08-02 07:11:45 +01:00
g0tmi1k
f4c697e394
Merge pull request #751 from alins1r/patch-1 
Converting 500-worst-passwords.txt.bz2 to .txt
 2022-08-02 06:49:59 +01:00
g0tmi1k
f804d3649e
Merge pull request #763 from khicks/master 
Add OPNsense to default-passwords

Source: https://docs.opnsense.org/manual/gui.html
 2022-08-02 06:46:37 +01:00
PinkDev1
8b3ccbedaa Fixed #538: Added credits to the relevant README 2022-06-24 00:32:45 -03:00
PinkDev1
74dbbb7f95 Added scraped-JWT-secrets.txt 2022-06-24 00:31:22 -03:00
Kevin Hicks
c9486f6a41
add opnsense to default-passwords 2022-06-13 11:37:11 -05:00
alins.ir
9255b8090b
Converting 500-worst-passwords.txt.bz2 to .txt 2022-05-05 19:24:56 +04:30
zevlag
806526b1dd
Add Baicells default creds from CVE-2022-24693 2022-03-30 10:37:15 -04:00
g0tmi1k
52fbc4a631
Merge pull request #680 from 5tr1x/patch-3 
Create months.txt

for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:36:41 +00:00
g0tmi1k
bf2d2a996d
Merge pull request #681 from 5tr1x/patch-4 
Create days.txt

for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:36:21 +00:00
g0tmi1k
0d9870d28d
Merge pull request #679 from 5tr1x/patch-2 
Create seasons.txt



for i in `cat $1`; do echo ${i}; echo ${i}2019; echo ${i}2020; echo ${i}2021; echo ${i}2022; echo ${i}1; echo ${i}123; done >> n
for i in `cat n`; do echo ${i}; echo ${i}'!'; echo ${i}'@'; echo ${i}'#'; echo ${i}'$'; echo ${i}'%'; echo ${i}'^'; echo ${i}'&'; echo ${i}'*'; echo ${i}'?'; done >> s
hashcat s -r /usr/share/hashcat/rules/leetspeak.rule --stdout > hc
wordlister --input s --perm 1 --min 4 --max 48 --leet &>/dev/null
mv output.txt wl
cat hc wl | sort -u > vvv
wordlister --input vvv --perm 1 --min 4 --max 48 --cap --up &>/dev/null
cat output.txt | sort -u > $2
rm n s hc wl vvv output.txt
 2022-02-02 23:35:58 +00:00
g0tmi1k
eaf1c8263f
Merge pull request #695 from elitejake/patch-2 
Remove duplicated entries
 2022-01-31 23:23:47 +00:00
elitejake
d95f0016bb
Remove duplicated entries 
Fixes #689
 2022-01-29 05:47:02 +00:00
Wernfried
398154efdf
Added default passwords from Huawei 2022-01-21 20:31:21 +01:00
5tr1x
15a8115ef8
Create days.txt 2021-12-15 15:11:20 -06:00
5tr1x
9b32f5a54d
Create months.txt 2021-12-15 15:10:21 -06:00
5tr1x
d2043bd9ab
Create seasons.txt 2021-12-15 15:04:49 -06:00
g0tmi1k
55f526662b
Merge pull request #648 from hhc0null/fix_row_column_quantity_to_4 
Fix row column quantity to 4
 2021-11-24 09:58:16 +00:00
g0tmi1k
7b9d0b826a
Merge pull request #653 from soufianetahiri/master 
Fortinet VPN leaked passwords

Source: https://therecord.media/fortinet-warns-customers-after-hackers-leak-passwords-for-87000-vpns/
 2021-11-24 09:55:42 +00:00
g0tmi1k
9f0e7eb8de
Merge pull request #664 from clem9669/master 
Converting default-password.csv to .txt
 2021-11-24 09:53:11 +00:00
Siddharth Reddy
c3f29b1567
Update default-passwords.csv 2021-11-20 23:40:12 +05:30
clem9669
f3a6c06404 Converting default-password.csv to .txt 2021-11-04 22:02:46 +01:00
Soufiane Tahiri
c1dc95bc1e
Fortinet VPN leaked passwords 
more info at https://therecord.media/fortinet-warns-customers-after-hackers-leak-passwords-for-87000-vpns/
 2021-09-10 09:32:35 +02:00
hhc0null
02cdfa5f2d Fix row column quantity to 4 2021-08-31 23:54:51 +09:00
g0t mi1k
545e57b02d dos2unix 2021-08-28 21:29:32 +01:00
g0t mi1k
efeb38808c Replace ' ' with ' ' (Empty Characters) 2021-08-28 21:05:13 +01:00
g0tmi1k
38ba2a007a
Merge pull request #602 from sAsPeCt488/master 
Add Base64 Encoded tomcat-betterdefaultpasslist
 2021-08-27 21:16:56 +01:00
cbk914
229fa3f855 Updated Citrix and Avaya default passwords 2021-07-22 00:21:57 +02:00
cbk914
83b091396c Updated cryptominers 2021-07-16 22:01:51 +02:00
cbk914
49c5e8c0c4 Updated cryptominers 2021-07-16 20:49:52 +02:00
cbk914
2a78823f25 Add cryptominers default passwords 2021-07-13 05:13:43 +02:00
cbk914
9a871facf1
Merge branch 'danielmiessler:master' into master 2021-06-26 23:06:55 +02:00
g0tmi1k
9121b47c75
Merge pull request #618 from chacka0101/patch-6 
Updates
 2021-06-12 19:16:53 +01:00
g0tmi1k
0ff688e83c
Merge pull request #616 from chacka0101/patch-5 
Insert F5 Default passwords products
 2021-06-12 19:16:38 +01:00
CHackA0101
3be6e4e6e7
Updates 
1034 - Hikvision Network Camera,admin,12345,https://www.hikvision.com/UploadFile/image/EN-user%20manual%20of%20%20network%20camera%20v3.0.0.pdf

689 - Dell Switch PowerConnect,admin,admin,https://www.192-168-0-1login.org/router/dell/switch-powerconnect/12568/

1203 - IBM Storwize V7000,superuser,passw0rd,https://www.ibm.com/docs/en/flashsystem-7x00/7.8.1?topic=problem-procedure-resetting-superuser-password

2348 - SolarWinds,admin,<BLANK>,
 2021-06-09 20:49:26 -06:00
cbk914
cd20324f79 Merge branch 'danielmiessler:master' into master 2021-06-09 13:09:19 +02:00
CHackA0101
d0fba77aee
Insert F5 Default passwords products 
892 - F5 BIG-IP Configuration utility,admin,admin,https://support.f5.com/csp/article/K13148,
893 - F5 BIG-IP command line,root,default,https://support.f5.com/csp/article/K13148,
894 -F5 BIG-IQ Configuration utility,admin,admin,https://support.f5.com/csp/article/K13148,
895 -F5 BIG-IQ command line,root,default,,https://support.f5.com/csp/article/K13148,
896 -F5 FirePass Administrative Console,admin,admin,https://support.f5.com/csp/article/K13148,
897 -F5 FirePass Maintenance Console,maintenance,n/a,https://support.f5.com/csp/article/K13148,
 2021-06-07 10:43:20 -06:00
CHackA0101
fc2d2ff14d
Update with Sonatype Nexus Default Passwords: 
1568 - Sonatype Nexus Repository Manager,admin,admin123,https://help.sonatype.com/repomanager2/maven-and-other-build-tools/sbt
1569 - Sonatype Nexus Repository Manager,nexus,nexus,
 2021-06-02 16:09:40 -06:00
CHackA0101
2b447c7d19
Update default-passwords.csv 
2240	SeedDMS		admin		admin		https://www.seeddms.org/index.php?id=2

POC:
https://demo.seeddms.org/out/out.Login.php
User ID: admin
Password: admin
 2021-05-17 16:43:21 -06:00
cbk914
cb4febae37 Merge branch 'danielmiessler:master' into master 2021-05-11 16:10:42 +02:00
Thanasis Mitragkas
7eab0af4e4
Add Base64 Encoded tomcat-betterdefaultpasslist 2021-05-01 20:43:44 +03:00
CHackA0101
872ccb43b0
Include line 2020, Raspberrypi password default. 
2020: Raspberrypi,pi,raspberry,https://www.raspberrypi.org/documentation/linux/usage/users.md
 2021-04-02 12:57:56 -06:00
GraoMelo
33b0ba07cf
Add all 20th century anniversary dates 
some time ago I created a list with all the possible birthday dates of the 20th century.
and also all the anniversary dates from 2001-2020 (yes already in the 21st century, partial)

the reason this list was created, because many people use dates of living people as passwords.

the file name is: 1900-2020.txt 

insertion suggestion
SecLists/
├── Passwords
├── ── Common-Credentials

previously informed in: #567 
https://github.com/danielmiessler/SecLists/issues/567
 2021-03-18 19:24:36 -03:00
g0tmi1k
e9127d389b
Merge pull request #556 from govolution/patch-7 
Update ssh-betterdefaultpasslist.txt

Source: https://www.zdnet.com/article/backdoor-account-discovered-in-more-than-100000-zyxel-firewalls-vpn-gateways/
 2021-02-11 20:53:34 +00:00
g0tmi1k
1e286083e4
Merge pull request #552 from mwoolweaver/patch-1 
Add default password for jailbroken iOS (iPhone, iPad, iPod Touch, AppleTV)

Source: https://blog.elcomsoft.com/2020/05/ios-jailbreaks-ssh-and-root-password/
 2021-02-11 20:52:35 +00:00
g0tmi1k
42a8b633de
Merge pull request #551 from m4p0/master 
Added Zyxel default username and password (CVE-2020-29583 / CVE-2016-10401)

Source: https://www.eyecontrol.nl/blog/undocumented-user-account-in-zyxel-products.html
 2021-02-11 20:51:37 +00:00
govolution
e12b9a1499
Update ssh-betterdefaultpasslist.txt 
added zyxel hard coded credentials (see https://www.zdnet.com/article/backdoor-account-discovered-in-more-than-100000-zyxel-firewalls-vpn-gateways/)
 2021-01-06 17:05:59 +01:00
Michael Woolweaver
83660320c8
Add default password for jailbroken iOS 
once jailbroken this is the default password for both root and mobile
 2021-01-05 13:50:44 -06:00
m4p0
ac068e75b5 Added Zyxel default username and password based on CVE-2020-29583 and CVE-2016-10401 2021-01-05 09:08:32 +01:00
cbk914
a03ac0af08 Add citrix default password file 2020-11-30 11:00:02 +01:00
rf-peixoto
26b3b873b0
Create 2020-200_most_used_passwords.txt 
Add list of the two hundred most used passwords in 2020, compiled by Nordpass.
 2020-11-19 21:08:49 -03:00
cbk914
003bfef95f
Merge pull request #6 from danielmiessler/master 
Update
 2020-11-12 02:44:53 +01:00
cbk914
1b38c0429f Add Avaya default hardcoded passwords 2020-11-05 16:37:22 +01:00
g0tmi1k
7d7b9f70e9
Merge pull request #536 from g0tmi1k/misc 
dos2unix
 2020-11-04 00:01:12 +00:00
g0t mi1k
50ec8b1dc6 dos2unix 2020-11-03 23:57:08 +00:00
shelld3v
7f8c28c6e0
Added Donald Trump leaked passwords (2016 + 2020) 2020-11-03 18:55:07 +07:00
g0tmi1k
d2fdef60e8
Merge pull request #525 from n3k00n3/master 
Adding passwords found on public leak from Nord.
 2020-11-02 20:59:44 +00:00
Fernando Pinheiro
16593c1287 remove equal pass 2020-10-14 15:19:57 -03:00
Fernando Pinheiro
f139e0774f Adding passwords from PUBLIC leak 2020-10-14 15:15:22 -03:00
MusicGivesMeLife
2047e272cf
BiblePass Project 2020-10-06 00:58:51 -04:00
cbk914
ae8aabcfed Merge branch 'master' of https://github.com/cbk914/SecLists 2020-09-30 16:37:47 +02:00
cbk914
b66822b6e7
Merge pull request #5 from danielmiessler/master 
Update
 2020-09-20 15:36:24 +02:00
g0tmi1k
e4e65c3510
Merge pull request #478 from LethargicLeprechaun/master 
10-million-password-list-top-1000000.txt Corrections
 2020-09-16 07:30:17 +01:00
Dirk Wetter
0ccff1e425
Create german_misc.txt 
Hi there,

this is a list of modern German words. Source is myself :-) and merged are some new words from the semi-official language bible (Duden, new edition 2020). Idea was from a pentest where too simple words from the current world just were allowed.

Actually I wanted to add this to ``Miscellaneous/lang-german.txt`` but this file is somewhat broken, and I didn't want to add it to a broken file (I read this before here but as a reminder Umlaute are missing (file is 7 bit US ASCII) and some words just don't make sense like Aangriff, AanschlusS, Bil (is Danish/Norwegian), Bikuspidat, Cgeknatter, Cfamilien,CharaktergroBe,... Probably like 30% of the content is useless. IMHO this file needs to be replaced.

Some of the words in this PR like **Schmähgedicht** appear also in ``Passwords/dutch_common_wordlist.txt`` which kind of surprised me. But I thought it would be important to add those words to a separate file bc users might not look there.

Cheers, Dirk
 2020-08-21 12:01:37 +02:00
cbk914
e06aacd937 Revert "Merge pull request #4 from danielmiessler/master" 
This reverts commit c266835781, reversing
changes made to fd4968f43b.
 2020-08-11 14:25:56 +02:00
cbk914
af33ee93bc Add 500 worst passwords 2020-08-11 14:19:17 +02:00
LethargicLeprechaun
74c24b574f move words to correct places 2020-07-25 06:06:44 -07:00
g0tmi1k
dea731202f
Merge pull request #471 from maxkleinke/master 
renamed files in Passwords/Default-Credentials for better parsing
 2020-07-22 16:25:27 +01:00
g0t mi1k
df66ea4c82 Fix issues with wordlists 2020-07-22 16:19:47 +01:00
Maximilian Kleinke
e3ae394144 renamed files in Passwords/Default-Credentials for better parsing 2020-07-18 13:59:44 +02:00
govolution
ff84e4dafa
Update telnet-betterdefaultpasslist.txt 
source for new passwords: https://www.zdnet.com/article/backdoor-accounts-discovered-in-29-ftth-devices-from-chinese-vendor-c-data/
 2020-07-11 17:51:50 +02:00
clem9669
7da5c78bf7
PR about the issue: #438 
Typo
https://github.com/danielmiessler/SecLists/issues/438
 2020-06-18 14:18:55 +00:00
g0tmi1k
0a39d3dcb4
Merge pull request #417 from muhammedck113/patch-1 
Update 10-million-password-list-top-100.txt
 2020-06-05 16:30:30 +01:00
Karim Kanso
607c3293b4 strip trailing whitespace 2020-05-27 14:26:51 +01:00
Karim Kanso
a3416ba706 standardisze line endings 2020-05-27 14:10:50 +01:00
Jony Schats
e0d074bb83 added dutch passwordlist 2020-04-29 12:21:51 -04:00
muhammedck113
492d80186a
Update 10-million-password-list-top-100.txt 2020-04-26 20:19:21 +05:30
Karim Kanso
0080212eb5 refreshed and fixed couple issues with cirt credentials 2020-02-15 09:46:06 +00:00
osku
a7b446ce8c 51k random creds obtained by running Heralding for two weeks in Sep/2019 2019-10-20 17:02:07 +03:00
g0tmi1k
6fae58fa9b
Merge pull request #357 from govolution/patch-3 
Update ssh-betterdefaultpasslist.txt

https://github.com/SamuraiWTF/samuraiwtf
http://docs.graylog.org/en/2.4/pages/installation/virtual_machine_appliances.html
https://openvpn.net/vpn-server-resources/deploying-the-access-server-appliance-on-vmware-esxi/
https://www.circl.lu/services/misp-training-materials/
https://documentation.wazuh.com/3.10/installation-guide/virtual-machine.html
https://my.nps.edu/web/c3o/virtual-machine-images
https://virtualboxes.org/images/centos/
 2019-10-10 12:13:29 +01:00
g0tmi1k
8e42ce0a0e
Merge pull request #358 from govolution/patch-4 
Update windows-betterdefaultpasslist.txt

Source: https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1
 2019-10-10 12:13:11 +01:00
govolution
993893e0dc
Update mssql-betterdefaultpasslist.txt 
Source: https://github.com/fgrehm/vagrant-mssql-express
 2019-10-10 12:31:10 +02:00
govolution
2942b4d373
Update windows-betterdefaultpasslist.txt 
Source:
https://github.com/PowerShellMafia/PowerSploit/blob/master/Privesc/PowerUp.ps1
 2019-10-10 12:29:05 +02:00
govolution
3bafebc1ea
Update ssh-betterdefaultpasslist.txt 
https://github.com/SamuraiWTF/samuraiwtf
http://docs.graylog.org/en/2.4/pages/installation/virtual_machine_appliances.html
https://openvpn.net/vpn-server-resources/deploying-the-access-server-appliance-on-vmware-esxi/
https://www.circl.lu/services/misp-training-materials/
https://documentation.wazuh.com/3.10/installation-guide/virtual-machine.html
https://my.nps.edu/web/c3o/virtual-machine-images
https://virtualboxes.org/images/centos/
 2019-10-10 12:26:41 +02:00
XalfiE
e685bfabe0
Oracle EBS default passwords 2019-10-07 13:16:17 +03:00
XalfiE
7b896da2c4
Oracle EBS default users 2019-10-07 13:15:41 +03:00
Mike van de Ven
a732f905a8
Added dutchwordlist 2019-10-01 12:22:18 +02:00
Eric Range
7c84d582db
New Default Password List 
Default Password List from http://phenoelit.org/dpl/dpl.html.
Syntax:
<username>:<password>
<username>: => no password
<>:<> => no user nor password at all
 2019-08-23 15:57:08 +02:00
Eric Range
1978345e87
Remove admin:password 
Duplicate String
 2019-08-20 10:13:02 +02:00
g0tmi1k
37bb3c0f4d Add scrabble 
Source: 4cf8811b8f/SCRABBLE-wordlist.tgz
 2019-08-13 12:42:49 +01:00
Dwight Spencer
23bf1c051f
Create stupid-ones-in-production.txt 2019-08-08 14:59:22 -05:00