Common Password List

Secondary Categories: 02-Credential Access, 02-Initial Access, 02-Privilege Escalation, 02-Lateral Movement

Usually before spraying I will utilize data breaches (IntelX, DeHashed ) to find passwords and manually attempt those first if I only find a few. If I dont find anything from data breaches usually I will create my own custom wordlist and will generally follow the scheme below:

January2023
January23
January22
CompanyName123
CompanyName1
CompanyName22
CompanyName23
CompanyName1!
Winter2022
Winter@2022
Today12345
Today123
Password1
P@ssword1!
P@ssw0rd1!
Termination1

Notice there is a trend:

(Recent Month)(Year either “2022” or “22”)
(Season)(usually ”@”)(Year either “2022” or “22”)
(Season)(Year)
(Company Name)(Year either “2022” or “22”)
(Company Name)(“1” or “123”)
(Begins with a variation of “Password”)

Also Check Out:

PLACEHOLDER

The Void 🌌

Explorer

Common Password List

Also Check Out:

Graph View

Backlinks

Recent Blog Posts

No More Network Bottlenecks

Unmasking Secrets - Deciphering Encrypted Passwords through Reverse Engineering

Conquering Goliath as a CCDC Blue Teamer

Explorer

Recent Blog Posts

No More Network Bottlenecks

Unmasking Secrets - Deciphering Encrypted Passwords through Reverse Engineering

Conquering Goliath as a CCDC Blue Teamer