Default password lists:
- 3890 Default Passwords for thousands of systems from 594 vendors (Art of Hacking) – http://artofhacking.com/etc/passwd.htm
- http://cirt.net/passwords
- Skull Security: http://www.skullsecurity.org/wiki/index.php/Passwords
- Default Password list for common applications/devices: http://www.phenoelit-us.org/dpl/dpl.html
Word lists and dictionaries:
- UNIQPASS – large password list – http://dazzlepod.com/uniqpass/ | txt file: http://dazzlepod.com/site_media/txt/passwords.txt | http://dazzlepod.com/site_media/txt/uniqpass_preview.txt
- UNIQPASS is large password list useful for use with John the Ripper (JtR) wordlist mode to translate even more hashes into cleartext passwords. While we have had good success rate with our standard password list passwords.txt, we realized the list can be made more useful and relevant if we include commonly used passwords from the recently leaked databases belonging to large websites. As a result, we have compiled millions of unique passwords into UNIQPASS.
- Kevin’s Word Lists: http://wordlist.sourceforge.net/
- http://trac.kismac-ng.org/wiki/wordlists
- Openwall wordlists collection: http://ftp.sunet.se/pub/security/tools/net/Openwall/wordlists/
- ftp://ftp.ox.ac.uk/pub/wordlists/
- http://gdataonline.com/downloads/GDict/
- ftp://ftp.openwall.com/pub/wordlists/
- ftp://ftp.cerias.purdue.edu/pub/dict/
- http://www.indianz.ch/tools/doc/wordlist.zip
- http://www.outpost9.com/files/WordLists.html
- ftp://ftp.openwall.com/pub/wordlists/passwords/
- English and French: https://www.securinfos.info/wordlists_dictionnaires.php
- ftp://ftp.ox.ac.uk/pub/wordlists/
- http://www.lostpassword.com/f/wl/bigdict.zip
- http://www.lostpassword.com/f/wl/French.zip
- http://www.lostpassword.com/f/wl/Spanish.zip
- http://www.lostpassword.com/f/wl/German.zip
- http://www.vulnerabilityassessment.co.uk/passwords.htm
- http://packetstormsecurity.org/Crackers/wordlists/
- http://www.ai.uga.edu/ftplib/natural-language/moby/
- Cotse has possibly one of the largest collections of word lists (including French):
- Various language dictionaries at: http://www.openwall.com/mirrors/
Rainbow tables
- WPA-PSK Rainbow tables: http://www.renderlab.net/projects/WPA-tables/
- Ophcrack tables – http://ophcrack.sourceforge.net/tables.php [FREE + COMMERCIAL]
- Free Rainbow Tables – http://www.freerainbowtables.com/ [FREE]
- RainbowCrack – http://project-rainbowcrack.com/buy.php [COMMERCIAL]
- blog post: “Excellent Rainbow Tables Service” by John Strand – http://pauldotcom.com/2010/08/excellent-rainbow-tables-servi.html
- WPA Rainbow Tables (2010.02.12) – http://www.security-database.com/toolswatch/WPA-Rainbow-Tables-Offensive.html
Related here: John the Ripper – https://eikonal.wordpress.com/2010/05/25/john-the-ripper/
Eikonal Blog 
[…] Check if password is in the selected language’s dictionary. (see: https://eikonal.wordpress.com/2010/03/29/default-passwords/) […]
LikeLike
Pingback by Stages of checking password crackability « Eikonal Blog — 2010.07.28 @ 09:28
[…] authentication module). Related here: Default passwords, wordlist and Rainbow tables – https://eikonal.wordpress.com/2010/03/29/default-passwords/ Share this:StumbleUponDiggRedditLike this:LikeBe the first to like this post. Comments […]
LikeLike
Pingback by John the Ripper « Eikonal Blog — 2012.03.07 @ 10:20
[…] here: Default passwords, wordlist and Rainbow tables – https://eikonal.wordpress.com/2010/03/29/default-passwords/ | John The Ripper – […]
LikeLike
Pingback by Passwords cracking | Eikonal Blog — 2013.12.02 @ 14:16