Password list generator for password spraying - prebaked with goodies

Overview

Spraygen

Password list generator for password spraying - prebaked with goodies

Version 1.5

Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, "Password", and even Iterable Keyspaces of a specified size.

All permutations are generated with common attributes appended/prepended (such as "!" or "#"), or custom separators (such as "." or "_").

Common letter replacement option (change all A -> 4/@ for example)

Users can extend the attributes and separators using comma delimited lists of characters.

Spraygen also accepts single words or external wordlists that allow you to generate tuned custom wordlists in addition to what is already provided.

You could use tools like crunch, a fancy bash loop over SecLists, or whatever have you but that takes time...this one is made for spraying, so get to it!

python3 spraygen.py -h
     _
    (  \_
    (    \_
    (       \_  
    (         \_            ___
    ( Password   \         |   |
    (   Spray     |คคคคคคคค|___|
    (           _ /          |
    (       _ /         /~~~~~~~~~\
    (   _ /            (  Spray    )
    (_/                 |  This   |
                        |         |
                        | Get     |
                        |  Creds  |
                        |_________|

    Original Art by Alex Chudnovsky (Unaffiliated)
    Spraygen tool by 3ndG4me
    Version 1.5
    
usage: spraygen.py [-h] [--year_start YEAR_START] [--year_end YEAR_END] [-s separators] [-a attributes] [-w wordlist] [-n single word]
                   [--mode {all,nosep,noattr,years,plain,letter,custom}]
                   [--type {all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} [{all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} ...]]
                   [--iter {ascii,num,spec,asciinum,asciispec,numspec,full}] [--size SIZE] [--min_length MIN_LENGTH] [--max_length MAX_LENGTH]
                   [-o output file] [-p] [--sort {nosort,asc,desc,random}] [-v]

Parse Spray List Arguments.

optional arguments:
  -h, --help            show this help message and exit
  --year_start YEAR_START
                        starting year for a range of years
  --year_end YEAR_END   ending year for a range of years
  -s separators         a comma delimited list of one or more separators
  -a attributes         a comma delimited list of one or more attributes
  -w wordlist           path to a custom wordlist
  -n single word        single custom word to generate a custom wordlist with
  --mode {all,nosep,noattr,years,plain,letter,custom}
                        Mode for list generation. Can be all, no separators, no attributes, only years, plain, letter, or custom (will only use parameters
                        passed into -s or -a).
  --type {all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} [{all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} ...]
                        Type of list to generate. Can be all, iterative, sports, nfl, nba, mlb, nhl, months, seasons, password, or custom. Choosing 'all'
                        executes all options except for 'iterative' which must be run manually.
  --iter {ascii,num,spec,asciinum,asciispec,numspec,full}
                        Keyspace mode for iterative list generation. Only works when --type is set to 'iterative'. Can be ascii, num, spec, asciinum,
                        asciispec, numspec, or full. Will generate all permutations of the selected keyspace with a given length set with the --size
                        parameter.
  --size SIZE           Length of passwords generated by a set keyspace. Only works when --type is set to 'iterative' and an --iter keyspace mode is set.
  --min_length MIN_LENGTH
                        Minimum length of passwords to include in the list. (Default: 1)
  --max_length MAX_LENGTH
                        Maximum length of passwords to include in the list (Default: 999)
  -o output file        name of a file to create and write the final output to
  -p                    prints the output line by line as plaintext
  --sort {nosort,asc,desc,random}
                        Sort final output. Sorting methods supported are nosort, asc, desc, random.
  -v                    prints the current version of spraygen and exits

Basic Usage

  1. Install dependencies pip3 install -r requirements.txt
  2. Run python3 spraygen.py -p - this will generate all default built in wordlists with all permutations and print them to the screen

Usage Recommendations

Credits

  • @MarkoH17 - for the boolean python3.8 backwards compatibility fix
  • @absolomb - for enhancing type selection and attribute logic in year generation
Owner
Casey Erdmann
Offensive security nerd, researcher, and software developer. I make software and distribute it under @InjectionSoftwareandSecurityLLC
Casey Erdmann
A tool that detects the expensive Carbon Black watchlists.

A tool that detects the "expensive" Carbon Black watchlists.

Oğuzcan Pamuk 8 Aug 04, 2022
Solución al reto BBVA Contigo, Hack BBVA 2021

Solution Solución propuesta para el reto BBVA Contigo del Hackathon BBVA 2021. Equipo Mexdapy. Integrantes: David Pedroza Segoviano Regina Priscila Ba

Gabriel Missael Barco 2 Dec 06, 2021
A hack for writing switch statements with type annotations in Python.

py_annotation_switch A hack for writing switch statements in type annotations for Python. Why should I use this? You most definitely should not use th

6 Oct 17, 2021
Send CVE information to the specified mailbox (from Github)

Send CVE information to the specified mailbox (from Github)

91 Nov 08, 2022
Apache Solr SSRF(CVE-2021-27905)

Solr-SSRF Apache Solr SSRF #Use [-] Apache Solr SSRF漏洞 (CVE-2021-27905) [-] Options: -h or --help : 方法说明 -u or --url

Henry4E36 70 Nov 09, 2022
信息收集自动化工具

水泽-信息收集自动化工具 郑重声明:文中所涉及的技术、思路和工具仅供以安全为目的的学习交流使用,任何人不得将其用于非法用途以及盈利等目的,否则后果自行承担。 0x01 介绍 作者:Ske 团队:0x727,未来一段时间将陆续开源工具,地址:https://github.com/0x727 定位:协助

0x727 2.7k Jan 09, 2023
Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples

Obfuscated Gradients Give a False Sense of Security: Circumventing Defenses to Adversarial Examples Above is an adversarial example: the slightly pert

Anish Athalye 838 Dec 18, 2022
All in One CRACKER911181's Tool. This Tool For Hacking and Pentesting.🎭

This is A Python & Bash Programming Based Termux-Tool Created By CRACKER911181. This Tool Created For Hacking and Pentesting. If You Use This Tool To Evil Purpose,The Owner Will Never be Responsible

CRACKER911181 1 Jan 10, 2022
Spring-0day/CVE-2022-22965

CVE-2022-22965 Spring Framework/CVE-2022-22965 Vulnerability ID: CVE-2022-22965/CNVD-2022-23942/QVD-2022-1691 Reproduce the vulnerability docker pull

iak 4 Apr 05, 2022
WpDisect is a wordpress hacking tool that finds vulnerabilities in wordpress.

wpdisect WpDisect is a wordpress hacking tool that finds misconfigurations in wordpress. Prerequisites You need to download wordpress in the wpdisect

3 Feb 20, 2022
Archive-Crack - A Tools for crack file archive

Install In TERMUX apt update && apt upgrade -y pkg install python git unrar

X - MrG3P5 10 Oct 06, 2022
These are Simple python scripts to test/scan your network

Disclaimer This tool is for Educational purpose only. We do not promote or encourage any illegal activities. Summary These are Simple python scripts t

Varun Jagtap 5 Oct 08, 2022
Official repository for Pyew.

pyew Pyew is a (command line) python tool to analyse malware. It does have support for hexadecimal viewing, disassembly (Intel 16, 32 and 64 bits), PE

Joxean 362 Nov 28, 2022
Uncover the full name of a target on Linkedin.

Revealin Uncover the full name of a target on Linkedin. It's just a little PoC exploiting a design flaw. Useful for OSINT. Screenshot Usage $ git clon

mxrch 129 Dec 21, 2022
Looks at Python code to search for things which look "dodgy" such as passwords or diffs

dodgy Dodgy is a very basic tool to run against your codebase to search for "dodgy" looking values. It is a series of simple regular expressions desig

Landscape 112 Nov 25, 2022
A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚

log4check A small Minecraft server to help players detect vulnerability to the Log4Shell exploit 🐚 Tested to work between Minecraft versions 1.12.2 a

Evan J. Markowitz 4 Dec 23, 2021
SpiderFoot automates OSINT collection so that you can focus on analysis.

SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of m

Steve Micallef 9k Jan 08, 2023
A python module for retrieving and parsing WHOIS data

pythonwhois A WHOIS retrieval and parsing library for Python. Dependencies None! All you need is the Python standard library. Instructions The manual

Sven Slootweg 384 Dec 23, 2022
PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

Akshay Vs 44 Nov 18, 2022
Dumps the payload.bin image found in Android update images.

payload dumper Dumps the payload.bin image found in Android update images. Has significant performance gains over other tools due to using multiproces

Rasmus 7 Nov 17, 2022