Duplicut is a modern password wordlist creation usually implies concatenating multiple data sources.
Ideally, most probable passwords should stand at start of the wordlist, so most common passwords are cracked instantly.
With existing dedupe tools you are forced to choose if you prefer to preserve the order OR handle massive wordlists.
Unfortunately, wordlist creation requires both:
So i wrote duplicut in highly optimized C to address this very specific need
Quick start
git clone https://github.com/nil0x42/duplicut
cd duplicut/ && make
./duplicut wordlist.txt -o clean-wordlist.txt
Options
Features
-l option)-p option)Implementation
Limitations
Technical Details
1- Memory optimized
An uint64 is enough to index lines in hashmap, by packing size info within pointer’s extra bits:
2- Massive file handling
If whole file can’t fit in memory, it is split into virtual chunks, then each one is tested against next chunks.
So complexity is equal to th triangle number:
Throubleshotting
If you find a bug, or something doesn’t work as expected, please compile duplicut in debug mode and post an issue with attached output:
Playwright-MCP (Model Context Protocol) is a cutting-edge tool designed to bridge the gap between AI…
JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…
The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…
Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…
SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…
Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…