Chapter 3
Wordlists
You see those, “Top Passwords for Year 20XX” lists every year, and honestly, in my opinion they are just not really true anymore. Basic password requirements for servers mostly prevent the use of many of the passwords listed. In actively cracking public dump lists, the top passwords I have seen for the last several years are a combination of a person’s name (or names), numbers and possibly a symbol. People are creatures of habit, and patterns, and this is especially true when they create passwords. Names, important dates or numbers are easy to remember, so, these are usually what are used when creating a password. Many passwords also start with a capital letter and end with a symbol. It is hard to overcome years of proper language classes.
I personally use Kali Linux for processing my wordlists, but I do most of my password cracking on a Windows 11 box. The most efficient cracking is done on a system with a very strong and fast GPU. In my...