Spraygen : Password List Generator For Password Spraying

Spraygen is a password list generator for password spraying – prebaked with goodies.

Version 1.5

Generates permutations of Months, Seasons, Years, Sports Teams (NFL, NBA, MLB, NHL), Sports Scores, “Password”, and even Iterable Keyspaces of a specified size.

All permutations are generated with common attributes appended/prepended (such as “!” or “#”), or custom separators (such as “.” or “_”).

Common letter replacement option (change all A -> 4/@ for example)

Users can extend the attributes and separators using comma delimited lists of characters.

Spraygen also accepts single words or external wordlists that allow you to generate tuned custom wordlists in addition to what is already provided.

You could use tools like crunch, a fancy bash loop over SecLists, or whatever have you but that takes time…this one is made for spraying, so get to it!

python3 spraygen.py -h

Usage: spraygen.py [-h] [–year_start YEAR_START] [–year_end YEAR_END] [-s separators] [-a attributes] [-w wordlist] [-n single word]
[–mode {all,nosep,noattr,years,plain,letter,custom}]
[–type {all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} [{all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} …]]
[–iter {ascii,num,spec,asciinum,asciispec,numspec,full}] [–size SIZE] [–min_length MIN_LENGTH] [–max_length MAX_LENGTH]
[-o output file] [-p] [–sort {nosort,asc,desc,random}] [-v]

Parse Spray List Arguments.

Optional Arguments:
-h, –help show this help message and exit
–year_start YEAR_START
starting year for a range of years
–year_end YEAR_END ending year for a range of years
-s separators a comma delimited list of one or more separators
-a attributes a comma delimited list of one or more attributes
-w wordlist path to a custom wordlist
-n single word single custom word to generate a custom wordlist with
–mode {all,nosep,noattr,years,plain,letter,custom}
Mode for list generation. Can be all, no separators, no attributes, only years, plain, letter, or custom (will only use parameters
passed into -s or -a).
–type {all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} [{all,iterative,sports,nfl,nba,mlb,nhl,months,seasons,password,custom} …]
Type of list to generate. Can be all, iterative, sports, nfl, nba, mlb, nhl, months, seasons, password, or custom. Choosing ‘all’
executes all options except for ‘iterative’ which must be run manually.
–iter {ascii,num,spec,asciinum,asciispec,numspec,full}
Keyspace mode for iterative list generation. Only works when –type is set to ‘iterative’. Can be ascii, num, spec, asciinum,
asciispec, numspec, or full. Will generate all permutations of the selected keyspace with a given length set with the –size
parameter.
–size SIZE Length of passwords generated by a set keyspace. Only works when –type is set to ‘iterative’ and an –iter keyspace mode is set.
–min_length MIN_LENGTH
Minimum length of passwords to include in the list. (Default: 1)
–max_length MAX_LENGTH
Maximum length of passwords to include in the list (Default: 999)
-o output file name of a file to create and write the final output to
-p prints the output line by line as plaintext
–sort {nosort,asc,desc,random}
Sort final output. Sorting methods supported are nosort, asc, desc, random.
-v prints the current version of spraygen and exits

Basic Usage

  1. Install dependencies pip3 install -r requirements.txt
  2. Run python3 spraygen.py -p – this will generate all default built in wordlists with all permutations and print them to the screen

Usage Recommendations

Credits

  • @MarkoH17 – for the boolean python3.8 backwards compatibility fix
  • @absolomb – for enhancing type selection and attribute logic in year generation
R K

Recent Posts

Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…

6 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

6 days ago

CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…

6 days ago

How to Bash Append to File: A Simple Guide for Beginners

If you are working with Linux or writing bash scripts, one of the most common…

6 days ago

Mastering the Bash Case Statement with Simple Examples

What is a bash case statement? A bash case statement is a way to control…

6 days ago

How to Check if a File Exists in Bash – Simply Explained

Why Do We Check Files in Bash? When writing a Bash script, you often work…

1 week ago