-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbestlist.py
66 lines (57 loc) · 3.01 KB
/
bestlist.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
import argparse
from os import path
from typing import Set
import requests
parser = argparse.ArgumentParser(
description='Downloads and combines seclist password files')
parser.add_argument('--force', default=False, action='store_true',
help='Force overwrite when combined file already exists')
SOURCES = [
{
'url': 'https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/',
'files': ['2020-200_most_used_passwords.txt', '2023-200_most_used_passwords.txt', '500-worst-passwords.txt', 'Keyboard-Combinations.txt',
'Most-Popular-Letter-Passes.txt', 'PHP-Magic-Hashes.txt', 'UserPassCombo-Jay.txt',
'bt4-password.txt', 'cirt-default-passwords.txt', 'citrix.txt', 'clarkson-university-82.txt',
'common_corporate_passwords.lst', 'darkc0de.txt', 'darkweb2017-top10000.txt', 'unkown-azul.txt', 'days.txt',
'der-postillon.txt', 'months.txt', 'mssql-passwords-nansh0u-guardicore.txt', 'openwall.net-all.txt', 'scraped-JWT-secrets.txt',
'probable-v2-top12000.txt', 'seasons.txt', 'unkown-azul.txt', 'twitter-banned.txt',
'xato-net-10-million-passwords.txt', 'Common-Credentials/common-passwords-win.txt',
'Common-Credentials/100k-most-used-passwords-NCSC.txt',
'Honeypot-Captures/python-heralding-sep2019.txt', 'Software/john-the-ripper.txt', 'Wikipedia/wikipedia_en_vowels_no_compounds_top-1000000.txt',
'WiFi-WPA/probable-v2-wpa-top4800.txt', 'Software/cain-and-abel.txt', 'Leaked-Databases/hotmail.txt', 'Leaked-Databases/hak5.txt', 'Leaked-Databases/faithwriters.txt',
'Permutations/korelogic-password.txt', 'Malware/conficker.txt', 'Leaked-Databases/fortinet-2021_passwords.txt', 'Leaked-Databases/elitehacker.txt', 'Leaked-Databases/NordVPN.txt']
},
{
'url': 'https://raw.githubusercontent.com/ignis-sec/Pwdb-Public/master/wordlists/',
'files': ['ignis-10M.txt']
},
{
'url': 'https://github.com/brannondorsey/naive-hashcat/releases/download/data/',
'files': ['rockyou.txt']
}
]
def main():
args = parser.parse_args()
should_force: bool = args.force
if path.exists('combined.txt') and not should_force:
raise Exception(
"combined.txt already exists, consider using --force to overwrite")
else:
passwords = combine_files()
print(f'combined {len(passwords)} passwords!')
print(f'writing to combined.txt...')
with open('combined.txt', 'w', encoding='utf-8') as f:
f.writelines(passwords)
def combine_files():
passwords: Set[str] = set()
for source in SOURCES:
for f in source["files"]:
url: str = source["url"]
print(f'adding {f}...')
res = requests.get(f'{url}{f}')
lines = res.text.split("\n")
lines = map(lambda l: l + '\n', lines)
passwords.update(lines)
return passwords
if __name__ == '__main__':
main()