Probable-Wordlists
APTnotes
Probable-Wordlists | APTnotes | |
---|---|---|
13 | 5 | |
8,484 | 3,417 | |
- | - | |
0.0 | 3.1 | |
8 months ago | 5 months ago | |
Creative Commons Attribution Share Alike 4.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Probable-Wordlists
- Searching for a site, that I've visited a long time ago. (very big password lists)
-
hashcathelper: Convenience tool for hashcat - crack NT hashes by taking LM hashes into account; generate analytics for cracked passwords; visualize "SamePassword" clusters in Bloodhound
Instead of using Crackstation as the source for passwords, I would recommend using the Probable Password Lists
-
wordlist advice
A suggestion of a good wordlist (other than the infamous rockyou.txt) : https://github.com/berzerk0/Probable-Wordlists
-
Cybersecurity Repositories
Probable Wordlists
-
What are your favorite/must-have datasets?
Probable V2 wordlist set https://github.com/berzerk0/Probable-Wordlists
- Finding a good wordlist / some other questions.
- Where can I find an up-to-date list of the most common passwords?
- WPA Wordlist used by gpuhash.me?
-
is wpa and wpa2 possible to crack nowadays?
Deauth, capture the handshake and crack with hashcat + https://github.com/berzerk0/Probable-Wordlists
-
RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries
CrackStation list is kinda outdated. Probable Wordlists by u/berzerk0 is a better collection for dict lists https://github.com/berzerk0/Probable-Wordlists
APTnotes
-
Ask HN: What Happened with the Grugq Article?
>with case studies and getting as niche on specific things as possible.
Then definitely you can touch on APT marketplace, unlike the usual zeroday ones, those are -as the name implies, advanced, and mostly are state sponsored, you can find some of these in this sheet [1], or other sources [2] or older ones [3]. Now, for other zero day exploits, you can dig into your typical threat intelligence feeds to have an idea, some of these are daily updated [4] [5] [6] among a lot more of other resources, there are also underground databases for zero day and even APT updated as of yesterday, and also online marketplaces for those where you can buy/sell compromised RDP servers / webmail / cPanels / etc., or even services like smtp-sms for phishing among others, unfortunately, I can’t and won’t list any of these in here for obvious reasons, however, if you dig a little deeper definitely you will find something, just don’t use the usual search engines and normal channels, and get the usual security precautions like sandbox/vpns/etc. when access any of these sites, preferably in an isolated OS too.
And thanks, not expert enough for sure!
[1] https://docs.google.com/spreadsheets/u/1/d/1H9_xaxQHpWaa4O_S...
[2] https://gist.github.com/Neo23x0/c4f40629342769ad0a8f3980942e...
[3] https://github.com/kbandla/APTnotes
[4] https://bazaar.abuse.ch/browse/
[5] https://www.exploitalert.com/browse-exploit.html
[6] https://threatfox.abuse.ch/browse/
-
Seeking Datasets on Malware
I trained up this repo in my privateGPT - https://github.com/kbandla/APTnotes
- Le Burkina Faso
-
Cybersecurity Repositories
APT Notes
- Les ressortissants russes en France reçoivent en ce moment sur leurs numéros de téléphone russe des demandes pour l'enrôlement dans l'armée en vue de la guerre avec l'Ukraine
What are some alternatives?
RockYou2021.txt - RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
data - APTnotes data
wpa2-wordlists - A collection of wordlists dictionaries for password cracking
ThreatHunter-Playbook - A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares
PSKracker - An all-in-one WPA/WPS toolkit
osx-and-ios-security-awesome - OSX and iOS related security tools
penglab - 🐧 Abuse of Google Colab for cracking hashes.
awesome-adversarial-machine-learning - A curated list of awesome adversarial machine learning resources
awesome-hacking - A curated list of awesome Hacking tutorials, tools and resources
awesome-iocs - A collection of sources of indicators of compromise.