Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time
May 8, 2019 13:25
May 3, 2019 16:21

Kaonashi Project: RootedCON 2019


This repository contains several directories:

A clone may not be necessary to get the files you need.


When a user has to choose a password, he tends to build it in the same way, using the same personal information, and using the same complexity ideas.

In this study we processed several billions of real passwords in order to make a large-scale analysis of these common behaviors, drawing conclusions that allow us to create specific procedures and tools to improve current Password Cracking techniques.


We used different methods, like behavioral and statistical analysis, neural networks and other advanced techniques, to obtain patterns and relevant information that allow us to crack hashes whose resistance is usually quite high.

Kaonashi Wordlist

These wordlists have been extracted from real password leaks, and sorted by number of ocurrences. By having the wordlists sorted this way, users can extract TOP n lines/passwords and create custom wordlists based on their needs.

You can use the following Mega links to download compressed (7z) wordlists:

You can also find .torrent files inside wordlists/ directory

Authors and Attributions

Disclaimer and License

  • These code and wordlists are for LAWFUL, ETHICAL AND EDUCATIONAL PURPOSES ONLY.
  • The files contained in this repository are released "as is" without warranty, support, or guarantee of effectiveness.
  • We are open to hearing about any issues found within these files and will be actively maintaining this repository for the foreseeable future. If you find anything noteworthy, let us know and we'll see what we can do about it.

The authors did not steal, phish, deceive or hack in any way to get hold of these passwords. All lines in these files were obtained through freely available means.

The intent for this project is to provide information on insecure passwords in order to increase overall password security. The lists will show you what passwords are the most common, what patterns are the most common, and what you should avoid when creating your own passwords.

License: GPL v3

This work is licensed under a GNU General Public License v3 License.

Happy Password Cracking!