Blasting Dictionary provides curated datasets of common usernames and passwords designed for auditing authentication strength and identifying vulnerable accounts. It serves as a collection of credential stuffing wordlists and password attack dictionaries used to test for weak or default credentials in target services.
The main features of rootphantomer/blasting_dictionary are: Wordlists, Credential Stuffing, Password Attacks, Credential Vulnerability Assessments, Penetration Testing Resources, Security Testing Datasets, Credential Brute-Forcing, Credential Testing Tools.
Open-source alternatives to rootphantomer/blasting_dictionary include: thekingofduck/fuzzdicts — fuzzDicts is a repository of curated wordlists and dictionaries designed for web application fuzzing. It provides… bitwise-01/instagram- — This project is a security auditing and penetration testing utility designed for automating password guessing,… manisso/fsociety — fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits.… vanhauser-thc/thc-hydra — Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords… hashcat/hashcat — Hashcat is a high-performance hash cracking software and OpenCL compute application used to recover plain-text… offensive-security/exploit-database — This project is a public exploit code archive and vulnerability database. It serves as a collection of documented…
fuzzDicts is a repository of curated wordlists and dictionaries designed for web application fuzzing. It provides collections of strings and payloads used to discover hidden files, subdomains, and security vulnerabilities. The project includes specialized libraries for different security testing vectors, such as dictionaries for common request and cookie parameters, lists of common subdomain prefixes, and collections of passwords and default vendor credentials for brute-force testing. It also maintains a security payload library containing character sequences used to identify flaws like SQL i
This project is a security auditing and penetration testing utility designed for automating password guessing, credential stuffing, and account brute-forcing on Instagram. It functions as an account recovery auditor that simulates automated login attacks to test the strength of account passwords. The tool incorporates a proxy manager to handle the import and monitoring of proxy lists. This system routes requests through rotating IP addresses and monitors proxy health to prune unresponsive addresses and avoid rate limiting. The software provides capabilities for concurrent request execution a
fsociety is a penetration testing framework and security tool orchestrator designed to conduct full security audits. It functions as a wrapper that integrates external security binaries into a unified, menu-driven interface, providing a centralized system for command-line parameter mapping and execution. The project distinguishes itself by organizing specialized utilities into domain-specific collections for structured navigation. It automates the transition between different phases of an audit by chaining reconnaissance and exploitation tools through sequential workflow automation. The fram
Hydra is a network login password cracker and authentication tester designed to identify valid usernames and passwords through automated brute-force and dictionary attacks. It serves as a multi-protocol authentication tester capable of verifying credentials across a wide range of remote network services, including SSH, SMB, FTP, and various database listeners. The project is distinguished by its ability to execute parallelized password attacks against multiple servers and protocols simultaneously. It features a modular system for implementing diverse network authentication schemes, allowing f