Generating Large Password Dictionaries Using Brutalist

Generating Large Password Dictionaries Using Brutalist

Brutalist is a cross-platform Python3+ based command line tool that can be used to generate very large word dictionaries based on minimal input. It can take a single word like “password” and generate up to 13,198,680 combinations using common special character substitutions and suffixes, and up to all possible 3-digit numerical suffixes with all variations of special characters appended. It is a highly-specialized tool, which should be a regular go-to in the tool belt of all red teamers and pentesters.

There is no need to default to rockyou.txt every single time you come across an opportunity to launch a dictionary attack, and when used in combination with your own small, custom-made lists, or highly-targeted lists such as those found in FuzzDB, you can create an extremely large dictionary that can be used in a more brute force hybrid attack, which uses a specialized dictionary with all variations of character combinations. Some of these very basic functionalities come pre-built into products like BurpSuite Pro, but they are not as specialized, full-featured, or as simple as running a simple command to create a dictionary to import using brutalist.

If you really feel like turning your computer into a furnace and want your attack to take forever, you can try running one of these lists at Skull Security through brutalist and see how many variations it can generate taking one of those lists as input. However, if you use this method, I would probably suggest rebuilding brutalist using Cython, which I will detail in an upcoming tutorial. It doesn’t optimize a whole lot since the functions used by brutalist are not very optimized for the C programming language, but compiling with Cython generally gives an execution performance boost of around 10% for this program in particular, according to my previous benchmarks. This is negligible when using a single word or small, targeted lists where Python is perfectly sufficient. However, if you plan on generating a list that will take hours instead of minutes or seconds, you may want to use Cython instead. I will link to the tutorial of compiling brutalist as a Cython module once it is complete.

Brutalist is extremely versatile in the fact that you can specify how intense you want it to get with numerical suffixes, special characters, and leet speak, which can exponentially increase or decrease the number of results it will provide you with. You can read more about the usage at https://github.com/phx/brutalist.

Installation

Brutalist uses all Python3 native code, so installation on Linux or Windows with an existing Python3 installation is as simple as cloning the repo and copying brutalist.py somewhere in your $PATH.

Linux Installation Example

git clone https://github.com/phx/brutalist.git
cd brutalist
sudo cp brutalist.py /usr/local/bin/brutalist

MacOS Installation Example

I maintain a separate repo for homebrew installation. It’s extremely simple to install and upgrade whenever a new release comes out. If you don’t have Python3 installed, simply installing brutalist should go ahead and install it as a dependency.

brew tap phx/brutalist
brew install brutalist

I created this tool for my own purposes, because I have run into situations in the field where I needed something like this at my disposal but had to settle for less-than-adequate solutions. I figured that others could benefit from this as well, which is why I made it open source. I hope others get as much use out of it as I do.

Leave a Reply