github berzerk0/Probable-Wordlists v2.0
Release 2.0 - Complete Overhaul

6 years ago

RELEASE 2.0!

Click Here to Get The Files

Get reminded of the absolute worst passwords using the @WorstPasswords twitter account!


  • More accurate!
  • More inclusive!
  • Includes analysis!
  • Never needs winding!
  • Non-Iron!
  • Completely Overhauled!

Tasklist for 2.0 Included:

  • Acquire more source files for larger corpus and more accurate results
  • Include Non-ASCII Characters
  • Acquire higher-quality sources, with fewer non-password results.
  • Avoid duplicate lines
  • Include Analysis with Version Release
  • Include HashCat Ruleset

More Sources, Larger Corpus, More Accurate Results and Higher-Quality Sources

Release one used about 300 files. I did not filter them very well. Some "password" wordlists contained non-password lines. This time, I pulled out all the md5 and SHA1 hashes that had somehow weaseled their way in, removed files that contained nothing but lists of things like cartoon characters and made sure the lists were as pure as possible.

Release two uses over 1500 files. I attempted to clean each one, which in some cases required a judgement call on my end.

V1 Popularity was determined by appearances in as few as 2 files. Since some lists are compilations of smaller lists, this resulted in some lines that really appeared only once to make the cut. More files allowed me to raise the minimum threshold to 5 appearances.

Duplicate Lines

Duplicates in Release one were caused by a mismatch of newline characters. Not this time. Every single processing step included a tr -d '\r' step. I wasn't going to have them slip in.

Non-ASCII and The Blankspace Judgement Calls

For V1, I made a judgement call (based on no evidence) that I wasn't going to include lines that contained blankspace characters. Since I was already disregarding ASCII characters, I thought this wouldn't cause much of a problem.

In V2, I included lines that had non-ASCII characters. This opens up the entire non-American English speaking world of passwords! I also decided not to remove blankspace characters - on the whole. These characters were rare enough to leave in without causing a flood of duplicates.

In some files, a blankspace character was at the end of every line. In these cases, I would remove the final blankspace character from all lines. However, some files did not have consistency when it came to beginning or ending with blankspace characters. In this instance, I would leave them in place, since I had reason to believe the blankspaces were part of the data.

Analysis and Hashcat Rules

While I haven't visualized them yet, I included mask analysis for the files in this release. These have been ranked in order of popularity.

I have also included HashCat rulesets, also in order of popularity.

Closed Issues

Outstanding/New Issues

Don't miss a new Probable-Wordlists release

NewReleases is sending notifications on new releases.