Weakpass - Rule-Based Online Generator To Create A Wordlist Based On A Set Of Words
The tool generates a wordlist based on a set of words entered by the user.
For example, during penetration testing, you need to gain access to some service, device, account, or Wi-Fi network that is password protected. For example, let it be the Wi-Fi network of EvilCorp. Sometimes, a password is a combination of device/network/organization name with some date, special character, etc. Therefore, it is simpler and easier to test some combinations before launching more complex and time-consuming checks. For example, cracking a Wi-Fi password with a wordlist can take several hours and can fail, even if you choose a great wordlist because there was no such password in it like Evilcorp2019.
Therefore, using the generated wordlist, it is possible to organize a targeted and effective online password check.
Link: https://zzzteph.github.io/weakpass/
Secondary: https://weakpass.com/generate
Features
The hashcat rule syntax is used to generate the wordlist. By default, the generator uses a set of rules "online.rule", which performs the following mutations:
- Adding special characters and popular endings to the end of the word - !,[email protected], [email protected]#, 123! etc. evilcorp!, evilcorp!123
- Adding digits from 1 to 31, from 01 to 12 - evilcorp01, evilcorp12.
- Adding the date 2018-2023 - evilcorp2018, evilcorp2019
- Various combinations of 1-3 - evilcorp2018!
- Capitalize the first letter and lower the rest, apply 1-4. Evilcorp!2021
As a result, for the word evilcorp, the following passwords will be generated (216 in total):
- evilcorp
- Evilcorp
- EVILCORP
- evilcorp123456
- evilcorp2018
- Evilcorp!2021
- Evilcorp!2022
- [email protected]#
You can use your own hashcat rules, just click "Show rules" and put in the "Rules" textarea them with the list of rules you like best. Rules that are supported (source https://hashcat.net/wiki/doku.php?id=rule_based_attack):
| Name | Function | Description | Example Rule | Input Word | Output Word |
|---|---|---|---|---|---|
| Nothing | : | Do nothing (passthrough) | : | [email protected] | [email protected] |
| Lowercase | l | Lowercase all letters | l | [email protected] | [email protected] |
| Uppercase | u | Uppercase all letters | u | [email protected] | [email protected] |
| Capitalize | c | Capitalize the first letter and lower the rest | c | [email protected] | [email protected] |
| Invert Capitalize | C | Lowercase first found character, uppercase the rest | C | [email protected] | [email protected] |
| Toggle Case | t | Toggle the case of all characters in word. | t | [email protected] | [email protected] |
| Toggle @ | TN | Toggle the case of characters at position N | T3 | [email protected] | [email protected] |
| Reverse | r | Reverse the entire word | r | [email protected] | [email protected] |
| Duplicate | d | Duplicate entire word | d | [email protected] | [email protected]@ssW0rd |
| Duplicate N | pN | Append duplicated word N times | p2 | [email protected] | [email protected]@[email protected] |
| Reflect | f | Duplicate word reversed | f | [email protected] | [email protected]@p |
| Rotate Left | { | Rotate the word left. | { | [email protected] | @ssW0rdp |
| Rotate Right | } | Rotate the word right | } | [email protected] | [email protected] |
| Append Character | $X | Append character X to end | $1 | [email protected] | [email protected] |
| Prepend Character | ^X | Prepend character X to front | ^1 | [email protected] | [email protected] |
| Truncate left | [ | Delete first character | [ | [email protected] | @ssW0rd |
| Trucate right | ] | Delete last character | ] | [email protected] | [email protected] |
| Delete @ N | DN | Delete character at position N | D3 | [email protected] | [email protected] |
| Extract range | xNM | Extract M characters, starting at position N | x04 | [email protected] | [email protected] |
| Omit range | ONM | Delete M characters, starting at position N | O12 | [email protected] | psW0rd |
| Insert @ N | iNX | Insert character X at position N | i4! | [email protected] | [email protected]!W0rd |
| Overwrite @ N | oNX | Overwrite character at position N with X | o3$ | [email protected] | [email protected]$W0rd |
| Truncate @ N | 'N | Truncate word at position N | '6 | [email protected] | [email protected] |
| Replace | sXY | Replace all instances of X with Y | ss$ | [email protected] | [email protected]$$W0rd |
| Purge | @X | Purge all instances of X | @s | [email protected] | [email protected] |
| Duplicate first N | zN | Duplicate first character N times | z2 | [email protected] | [email protected] |
| Duplicate last N | ZN | Duplicate last character N times | Z2 | [email protected] | [email protected] |
| Duplicate all | q | Duplicate every character | q | [email protected] | [email protected]@ssssWW00rrdd |
The generator automatically removes duplicate passwords.
By pressing the Wi-Fi, all passwords less than 8 characters long will be automatically deleted.
All data is generated using Javascript so that you can use the generator without internet access.
How-to
- To generate a wordlist, enter in the Words field, words that can be used as part of the password.
- Click on the Generate button
- Copy the received content or click on the Copy to clipboard button for automatic copying.
- ...
- Profit!
Source: feedproxy.google.com
Reviewed by Anonymous
on
7:04 PM
Rating:
