Merry Christmas from hashpwn! Here's a shiny new wordlist to try out.

https://forum.hashpwn.net/post/237

'Twas the night before Christmas, on hashpwn's site,
The forum was fueled by coffee all night.
As the wordlist drew nearer, one puzzle away,
All crackers pressed on, determined to stay.
Hints had been posted, the challenge laid bare,
One final quest, Exclusive or — but where?

https://forum.hashpwn.net/post/246

We're up to 9 users who have completed the hashpwn Wordlist Challenge. Who will be next?

https://forum.hashpwn.net/post/246

Ho Ho... oh, no! Santa's Workshop is in trouble! It seems the download link for the hashpwn wordlist has been cleverly scrambled, and right before Christmas! Who would do such a thing? What a mischievous Grinch!

Luckily, it appears the Grinch left a few clues to follow. Time to put your thinking caps on!
https://forum.hashpwn.net/post/246

#CynosurePrime has released #rlite, a lightweight alternative to #rling. Designed for fast #wordlist #sorting, #deduplication, and simple analytics.
https://forum.hashpwn.net/post/204

Our fellow #hashcracking friend #JakeWnuk recently posted about his #wordlist transformation tool, `Password Transformation Tool` (ptt). It supports custom rules, transformations, deduplication, multibyte characters, and more, and can process wordlists from local files or URLs.
https://forum.hashpwn.net/post/176

Ever wish you could #crawl a website to generate a targeted #wordlist, create #ngrams, and sort everything by frequency—all with a single, easy-to-use tool that doesn’t rely on Ruby or Python?
Now you can, thanks to #Spider.
https://forum.hashpwn.net/post/52

Need to convert a #wordlist to #hash? Meet #hashgen, the blazingly fast hash generator. Currently supports 18+ modes such as #md5, #sha, #ntlm, #crc, #base64 encode/decode, and converting $HEX[] to #plaintext.
Cross-compilable for Linux, Windows and Mac.
https://forum.hashpwn.net/post/89

Вход в заднюю дверь или пентест сетевых принтеров и МФУ

В данной статье мы с вами затронем анализ сетевых принтеров / МФУ в компании. Каждый из Вас наверное замечал, что данные устройства стоят почти в каждом кабинете и этаже (последнее более опасно, так как доступ к данным устройствам может получить любой человек: сотрудник компании, внешний гость или подрядная организация). Многие компании не выполняют необходимые мероприятия по предварительной донастройке данных устройств, а данные хосты могуть уязвимым звеном в периметре информационной системы.

https://habr.com/ru/articles/847196/

Does anyone have a directory enumeration wordlist that's optimized to find common directories quickly, and doesn't have junk in it like 490541629456ea9c7e1c31 or Oasis - The Complete Discography.
#dirbusting #enumeration #wordlist

Någon som vet om det går att få tag på en svensk #ordlista (typ saol) där man enkelt kan grep:a ut ord baserat på ordklass? Vill autogenerera användarnamn i en #matrix server jag fnular med.

Skulle ju vara schyst om svenska akademin tillhandahöll sånt men hittade bara appar där...

#programmera

I guess an english #wordlist with word classes marked in a grep-able way would work too. It's for autogenerating usernames for my matrix toy server project. If anyone knows of one?

Weakpass ( https://nfsec.pl/pentest/6371 ) #wordlist #password #hash #cracking #dictionary_attack #twittermigration

https://www.youtube.com/watch?v=4yG0QE9ce3U

Just released wordlist 1.1.0, the Ruby library/CLI for reading, combining, mutating, and building wordlists. It slices, it dices, and it now supports reading and writing zip and 7zip compressed wordlists.
https://github.com/postmodern/wordlist.rb#readme
#ruby #infosec #wordlist #wordlists

Does anyone know of a list of every type of organization? Ex: company, non-profit, government, military, religious, etc.
#taxonomy #wordlist

I recently made a highly efficient subdomain discovery wordlist by scanning the entire IPv4 space for SSL certs.

I've written a full article on the project, which is, in fact, my first public InfoSec article ever!

I would love to hear what you think!

You can read it here:
https://n0kovo.github.io/posts/subdomain-enumeration-creating-a-highly-efficient-wordlist-by-scanning-the-entire-internet/

(boosts and shares highly appreciated )

Are you allowed to be proud when your work is included in SecLists?

I recently made a highly efficient subdomain discovery wordlist by scanning the entire IPv4 space for SSL certs.

I've written a full article on the project, which is, in fact, my first public InfoSec article ever!

I would love to hear what you think!

You can read it here:
https://n0kovo.github.io/posts/subdomain-enumeration-creating-a-highly-efficient-wordlist-by-scanning-the-entire-internet/

(boosts and shares highly appreciated )

Added to the User Dictionary 1/20/23*

pustulating
cheapo
inscrutables
clowder
furless
worshippers
beachfront
obstinance
gallerist
noir
villainess
IMDb
razzle
Moby
midthirties
Miró

*#UserDict is an ongoing documentary of words added to the custom InDesign spell-check dictionary from books I am designing or editing.