about

This is a collection of username and password, collected by logging standard bruteforce attacks against decentral infrastructure (SSH, telnet, POP3, IMAP, HTTP basic auth etc.).

The goal of this list is to enable a security engineer to test with a wide varity of known combinations, and check your personally used credentials against any kind of leak.
This project is maintained by Fabian Fingerle.

list

username: user.txt user.txt.lzma

password: pass.txt pass.txt.lzma

links

• https://github.com/johnnykv/heralding - Credentials catching honeypot used within this project
• https://github.com/danielmiessler/SecLists - SecLists collection
• https://govolution.wordpress.com - the first 15 days of a password honeypot statistics