Wordlists and dictionaries

Related

​Passwords & credentials​

Wordlists

1
/usr/share/wordlists/
Copied!

Password Lists

rockyou

​rockyou.txt Compromise from 2009 from a social game and advertising website

msf

1
/usr/share/metasploit-framework/data/wordlists
Copied!

crackstation-human-only

​crackstation-human-only Real human passwords leaked from various website databases.

m3g0tr0n_Passwords_WordList_CLEANED

​m3g0tr0n_Passwords_WordList_CLEANED List of 122 Million Passwords

SecLists

SecLists is the security tester’s companion. It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. GitHub - danielmiessler/SecLists​
Common usernames: SecLists/Usernames/Names/names.txt Common passwords: SecLists/Passwords/Common-Credentials/10-million-password-list-top-100.txt
Search for default creds (e.g. for tomcat)
1
find /usr/share/seclists | grep -i tomcat`
Copied!