Regular people create passwords for themselves that they can easily remember. And to keep things "secure" they'll tend to modify it a bit by appending some chars (e.g. #$!) and maybe incrementing a trailing number.
This tool allows you to choose some base words and add options like years and also maybe some random chars. So if you know a little info about your target such as their hobbies, pets, age, or occupation then you can create a more targeted wordlist for your brute force test.
The repo: github.com/t3l3machus/psudohash
psudohash is a password list generator for orchestrating brute force attacks. It imitates certain password creation patterns commonly used by humans, like substituting a word's letters with symbols or numbers, using char-case variations, adding a common padding before or after the word and more. It is keyword-based and highly customizable.
Some other wordlist resources:
- github.com/berandal666/Passwords
- requestbin.net/post/top-wordlists-for-brute-force-attack
- www.cerberussentinel.com/blog-posts/brute-forcing-login-burp/
Post a Comment