Download A Collection of Passwords & Wordlists for Kali Linux (2018)

download a collection of passwords and wordlists for kali linux 2018

Last updated: Nov 20 2018

Today you'll be able to download a collection of passwords and wordlist dictionaries for cracking in Kali Linux.

A wordlist or a password dictionary is a collection of passwords stored in plain text. It's basically a text file with a bunch of passwords in it. 

Most of the wordlists you can download online including the ones I share with you here are a collection of uncommon and common passwords that were once used (and probably still is) by real people. 

You can create your own wordlist or use existing ones that's been compiled by others. Usually wordlists are derived from data breaches like when a company gets hacked. The data stolen is then sold on the dark web or leaked on certain websites such as Pastebin.

You can download the full collection of wordlists on Github. Note, I sorted and separated them in alphabetical order in order to meet Github's upload size requirements.

For more information on how to download and decompress the files, please continue reading.

Download: https://github.com/kennyn510/wpa2-wordlists

Where did you get the passwords from?

I dug them up using advanced Google search operators. The majority I found from websites that share leaked passwords.

How do I use this?

A wordlist is used to perform dictionary attacks. For example, you can use it to crack WiFi WPA2 using aircrack-ng:

aircrack-ng handshake.cap -w /path/to/wordlist.txt

I've personally tried it and was able to crack 3/10 wifi networks near me. Just bare in mind that using password cracking tools takes a lot of time, especially if done on a computer without a powerful GPU.

Also, this might be obvious to most, but I had a few people email me telling me none of the wordlists worked for them...so I'm about to say it

THIS ONLY WORKS IF THE PASSWORD IS INCLUDED IN THE WORDLIST.

If they use a strong password like this one:
[email protected]|[email protected]!8ZBF3gH*N2$0E$$_

Then you're pretty much out of luck. You could do a brute force attack in such cases but even that could take millions of years depending on your computer.

How to download wordlists

1. Download using git clone

git clone https://github.com/kennyn510/wpa2-wordlists.git

2. Choose a wordlist you want to use

cd wpa2-wordlists/Wordlists/Crackdown2016

3. Decompress (if applicable)

gunzip *.gz

4. Merge all text files into one

cat *.txt >> full.txt

Clean up wordlists using bash one-liners

The following bash one-liners are useful commands for manipulating wordlists (or any text file).

For instance, if you need to remove all blank lines from a file, a one-liner will do the trick. Similarly, if you need to remove duplicate passwords (or text), you can do that too.

If you have multiple wordlists, you can also combine them into one large file.

Remove duplicates

​awk '!(count[$0]++)' old.txt > new.txt

Sort wordlist by length

awk '{print length, $0}' old.txt | sort -n | cut -d " " -f2- > new.txt

Sort by alphabetical order

sort old.txt | uniq > new.txt

Merge multiple text files into one

cat file1.txt file2.txt > combined.txt

Remove all blank lines

egrep -v "^[[:space:]]*$" old.txt > new.txt

Did you find this helpful? Please let me know.

Click Here to Leave a Comment Below 12 comments
Louie - September 4, 2017

Thanks for putting this together. I was using the cat command for removing the duplicates , and the merging command is much easier. Now my question for you is… how would i remove character symbols from the example below?

`[email protected]#$%^
`-=`-=`-=
`;`;`;`;
`??????^

I notice a lot of files have these kind of symbols and I want to remove them.

thanks again.

Reply
    Jodee Ellsworth - December 4, 2018

    Dead indited articles, regards for information .

    Reply
David Bankson - September 6, 2017

I’ve had one problem after another since getting Kali…now I can’t get your instructions to work after the download completes. I put in “gunzip *.gz”, but there are no .gz files in half of the folders! How do I use the Ultimate2016 if there is no .gz file associated with it??

Reply
    Kenneth - September 6, 2017

    If there’s no “.gz” then you don’t need to decompress. Just jump to the next step “cat *.txt >> full.txt”

    Reply
Bankir - October 9, 2017

I have done everything like you sad, but when i put command cat *.txt >> full.txt terminal shows me cat: full.txt: input file is output file What am id doing wrong ?

Reply
    Kenneth - October 9, 2017

    Try using only one “>” instead of 2.
    So like this:

    cat *.txt > full.txt

    Reply
Chad - January 24, 2018

sounds like the command has already executed hence it would be the same file thus already merged to one e.g. 26x = 1, 1 = 1

Reply
Happy - February 7, 2018

Brother i need world list 2018 latest. What is the price to purchase plz reply urgently.

Reply
Trunker - May 2, 2018

can i delete the full.text if i have get the new.text

Reply
Lou - June 3, 2018

Has there been any 2018 word list you have come across yet or built yet? Just trying to keep my word list up to date.

Thanks,

Reply
raja - November 25, 2018

sir he use the strong password example [email protected]|[email protected]!8ZBF3gH*N2$0E$$_ so
help me what i do

Reply
    A*** - December 7, 2018

    Like kenneth said above, complex passwords generally harder to crack as word lists won’t contain them. You can try a bruteforce attack if you have some parts of the password, otherwise your shit outta luck.

    Reply

Leave a Reply: