Awesome-claude-skills-security SecLists Passwords (Curated)

Top password lists for authorized security testing: common passwords, darkweb leaks, worst passwords. Curated essentials (<10MB).

install

source · Clone the upstream repo

git clone https://github.com/Eyadkelleh/awesome-claude-skills-security

Claude Code · Install into ~/.claude/skills/

T=$(mktemp -d) && git clone --depth=1 https://github.com/Eyadkelleh/awesome-claude-skills-security "$T" && mkdir -p ~/.claude/skills && cp -r "$T/seclists-categories passwords/passwords" ~/.claude/skills/eyadkelleh-awesome-claude-skills-security-seclists-passwords-curated && rm -rf "$T"

manifest: seclists-categories passwords/passwords/SKILL.md

source content

SecLists Passwords (Curated)

Description

Top password lists for authorized security testing: common passwords, darkweb leaks, worst passwords. Curated essentials (<10MB).

Source: SecLists/Passwords Repository: https://github.com/danielmiessler/SecLists License: MIT

When to Use This Skill

Use this skill when you need:

Password spraying (authorized)
Credential testing
Password policy validation
Brute force testing (authorized)
Authentication testing

⚠️ IMPORTANT: Only use for authorized security testing, bug bounty programs, CTF competitions, or educational purposes.

Key Files in This Skill

500-worst-passwords.txt - 500 worst passwords

10k-most-common.txt - 10K common passwords

100k-most-used-passwords-NCSC.txt - 100K passwords

darkweb2017_top-10000.txt - 10K from breaches

probable-v2_top-12000.txt - 12K probable passwords

Usage Example

# Access files from this skill
import os

# Example: Load patterns/payloads
skill_path = "references/Passwords"

# List all available files
for root, dirs, files in os.walk(skill_path):
    for file in files:
        if file.endswith('.txt'):
            filepath = os.path.join(root, file)
            print(f"Found: {filepath}")
            
            # Read file content
            with open(filepath, 'r', errors='ignore') as f:
                content = f.read().splitlines()
                print(f"  Lines: {len(content)}")

Security & Ethics

Authorized Use Cases ✅

Authorized penetration testing with written permission
Bug bounty programs (within scope)
CTF competitions
Security research in controlled environments
Testing your own systems
Educational demonstrations

Prohibited Use Cases ❌

Unauthorized access attempts
Testing without permission
Malicious activities
Privacy violations
Any illegal activities

Complete SecLists Collection

This is a curated subset of SecLists. For the complete collection:

Full repository: https://github.com/danielmiessler/SecLists
Size: 4.5 GB with 6,000+ files
All categories: Passwords, Usernames, Discovery, Fuzzing, Payloads, Web-Shells, Pattern-Matching, AI, Miscellaneous

Generated by Skill Seeker | SecLists Passwords Collection License: MIT - Use responsibly with proper authorization