Meet 𝘄𝗲𝗮𝗸𝗽𝗮𝘀𝘀_𝟰! 🕵️‍♂️ After three years, I'm finally excited to announce the release of 𝘄𝗲𝗮𝗸𝗽𝗮𝘀𝘀_𝟰 and a brand-new website packed with features! Check it out at

For quite a while, I've been running a short, practical security course for seniors at the university. One of the most rewarding aspects of teaching is seeing students apply their knowledge to achieve something remarkable — earning their CVEs and making an impact on security.

Just two days before #BlackHat ...are you ready to crack Hashes Right from Your Browser? Meet Kraker-JS!

Do you need a fast and effective "APT style" wordlist?

"LIFE INSURANCE CORPORATION OF INDIA" or #rockyou2024 is now on

@rekdt Just add 1 or ! to your old one

Is your #password in the weakpass_4 wordlist? I hope not! But do you know if your password could be cracked using rule-based attacks? Do you think adding ! to your password makes it stronger? Find it out now at

Cracking some acme.corp user #hashes? It’s dangerous to go alone! Take Passgen to generate #password candidates like “Acme.corp2024” or “Acme.corp2024!” 💡 Passgen - Check it out at the GitHub repo with other tools and stuff:

Another option for a high-quality wordlist. strings /dev/urandom | grep -oE '^[a-zA-Z0-9!@#$%]{8,12}$' > private_wordlist.txt

Much appreciated, and thank you for supporting weakpass 👍

TL;DR - 𝘄𝗲𝗮𝗸𝗽𝗮𝘀𝘀_𝟰 for general use, 𝘄𝗲𝗮𝗸𝗽𝗮𝘀𝘀_𝟰𝗮 for more heavy tasks, and 𝘄𝗲𝗮𝗸𝗽𝗮𝘀𝘀_𝟰.𝗺𝗲𝗿𝗴𝗲𝗱 to rule them all. Why is there no Wi-Fi version?🤨 It makes little sense to create a wordlist that could be used in only one case when another in many.

Range and Search API at are both 𝗳𝗿𝗲𝗲 and available 𝘄𝗶𝘁𝗵𝗼𝘂𝘁 𝗿𝗲𝗾𝘂𝗶𝗿𝗶𝗻𝗴 𝗰𝗿𝗲𝗱𝗶𝘁𝘀, 𝗰𝗼𝗶𝗻𝘀, 𝗽𝗼𝗶𝗻𝘁𝘀, or 𝗼𝘁𝗵𝗲𝗿 𝗹𝗶𝗺𝗶𝘁𝘀. Make your own client-side or server-side lookup. 🔎 Swagger at

@WesSec_ I'm not sure that i understood... what do you mean by this ?)

The source of weakpass #wordlists is a compilation of other people's work. I highly encourage you to check great resources about #hash cracking and #password security - and 𝗵𝗮𝘀𝗵𝗲𝘀.𝗼𝗿𝗴 (press F to pay respect)

While the clean-up isn't perfect, the final wordlist is at least 30% smaller, demonstrating the effectiveness of this approach. It's okay to leave some junk data to not affect real passwords. Weakpass_4 becomes a more powerful, cleaner and efficient wordlist for hash cracking.