Probable-Wordlists
DetectionLab
Probable-Wordlists | DetectionLab | |
---|---|---|
13 | 31 | |
8,484 | 4,476 | |
- | - | |
0.0 | 4.4 | |
8 months ago | about 1 year ago | |
HTML | ||
Creative Commons Attribution Share Alike 4.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Probable-Wordlists
- Searching for a site, that I've visited a long time ago. (very big password lists)
-
hashcathelper: Convenience tool for hashcat - crack NT hashes by taking LM hashes into account; generate analytics for cracked passwords; visualize "SamePassword" clusters in Bloodhound
Instead of using Crackstation as the source for passwords, I would recommend using the Probable Password Lists
-
wordlist advice
A suggestion of a good wordlist (other than the infamous rockyou.txt) : https://github.com/berzerk0/Probable-Wordlists
-
Cybersecurity Repositories
Probable Wordlists
-
What are your favorite/must-have datasets?
Probable V2 wordlist set https://github.com/berzerk0/Probable-Wordlists
- Finding a good wordlist / some other questions.
- Where can I find an up-to-date list of the most common passwords?
- WPA Wordlist used by gpuhash.me?
-
is wpa and wpa2 possible to crack nowadays?
Deauth, capture the handshake and crack with hashcat + https://github.com/berzerk0/Probable-Wordlists
-
RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries
CrackStation list is kinda outdated. Probable Wordlists by u/berzerk0 is a better collection for dict lists https://github.com/berzerk0/Probable-Wordlists
DetectionLab
-
Cyber Lab Design
I would tell someone they should use a cloud lab like Clong's "Detection Lab" which gives them not only the security aspect but the cloud and engineering aspects as well.
- Home Virtual SIEM Lab Suggestions?
- malware analysis
- Sandbox suggestions for VM isolation & investigations?
- I am kind a lost
-
Work setup
Detection Lab Link: https://github.com/clong/DetectionLab
-
learning splunk. is there a way to "play" with it?
Not sure what your goal with splunk is but I'd recommend Detection lab! Once you get the pre reqs setup, building and tearing down is super easy and you get a pre-baked ad environment to generate logs for you. https://github.com/clong/DetectionLab
-
Tool that automatically generates a realistic office scenario of vms?
I found a great starting point at the repo of DetectionLab : https://github.com/clong/DetectionLab
-
I'm a noob with expensive equipment
While it's true what most are saying, that you don't need a powerful system to learn hacking....... You DO have a valid point that a powerful system enables things a weaker system may not. For example with 64GB of RAM you can run a full network lab simulation such as https://github.com/clong/DetectionLab additionally a solid high end graphics card will let you run things like hashcat a lot faster. In theory you could make a rainbow table. You still need a lot of time to understand all the basics but yeah there's a few cool things you can do with more power it's not ENTIRELY unneeded. I wish I knew about the local defcon group long ago. They're welcoming and some have capture the flags you can play. Understand the various job roles there are in security and figure out which one you like. You get paid to do specific things not just learn about hacking.
-
where does one get experience with SIEM tools
Github DetectioLab
What are some alternatives?
RockYou2021.txt - RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
DetectionLabELK - DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.
wpa2-wordlists - A collection of wordlists dictionaries for password cracking
vulnerable-AD - Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
SecLists - SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
security-onion - Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
PSKracker - An all-in-one WPA/WPS toolkit
Adaz - :wrench: Deploy customizable Active Directory labs in Azure - automatically.
penglab - 🐧 Abuse of Google Colab for cracking hashes.
DVWA - Damn Vulnerable Web Application (DVWA)
awesome-hacking - A curated list of awesome Hacking tutorials, tools and resources
HELK - The Hunting ELK