Ethical Security Tool for Targeted Password Auditing
Built for penetration testers, red teams, and security researchers.
For Educational Purposes Only!
β For authorized security testing only
β Unauthorized use is illegal
β The author is not responsible for misuse
By using this tool, you agree to test only systems you own or have explicit permission to assess.
Victimator-X is an advanced password profiling tool that generates highly targeted wordlists using personal, professional, and digital footprint data.
It simulates realistic human password patterns to improve the effectiveness of:
- π Password strength audits
- π‘οΈ Security assessments
- π― Red team engagements
- π§ͺ CTF challenges & research
- Leet speak transformations
- Name & keyword permutations
- Special character injection
- Human-like password patterns
- Automatic strength scoring
- Categorized outputs:
weakmediumstrong
--hashcatβ optimized for Hashcat--hydraβ optimized for Hydra
- Personal details
- Hobbies & interests
- Favorite numbers
- School/company names
- Multi-value fields
- Graceful exit handling (CTRL+C)
- Cross-platform terminal support
- No external dependencies
- Legal warning prompt
- Python 3.x
- Built-in modules only (no pip required):
itertoolsplatformossignalpathlibargparse
git clone https://github.com/voltsparx/Victimator-X.git
cd Victimator-XRun the tool:
python3 victimator-x.py--hashcat Optimize output for Hashcat
--hydra Optimize output for Hydra
--min N Minimum password length
--max N Maximum password lengthpython3 victimator-x.py --hashcat --min 8 --max 16All inputs are optional β more data = more accurate wordlists.
| Category | Examples |
|---|---|
| Personal | John, Doe, 15071990 |
| Numbers | 7, 13, 99 |
| Hobbies | gaming, hiking, music |
| Digital | reddit.com, xXJohnXx |
| Education | Central High School |
Victimator-X generates categorized wordlists:
/wordlists/
βββ weak.txt
βββ medium.txt
βββ strong.txt
βββ full.txt
- β 1,000 β 50,000+ targeted combinations
- β Sorted by length & readability
- β Ready for Hashcat, Hydra, John the Ripper
John123
J0hn!
Doe@1990
gaming#7
CentralHigh2024
Input Data
β
Leet Transformations
β
Permutations & Combinations
β
Special Character Injection
β
Length Filtering
β
Strength Classification
β
Categorized Wordlists
| Option | Description |
|---|---|
--hashcat |
Ensures compatibility with Hashcat rules |
--hydra |
Limits length for Hydra compatibility |
--min |
Minimum password length |
--max |
Maximum password length |
β Password strength auditing
β Authorized penetration testing
β Red team exercises
β Security education
β Capture The Flag competitions
β Unauthorized system access
β Brute-forcing unknown targets
β Violating cybercrime laws
Current Version: 1.2.0
Contributions are welcome!
If you'd like to improve Victimator-X:
- Fork the repo
- Create a feature branch
- Submit a pull request
Report bugs or request features here:
π https://github.com/voltsparx/Victimator-X/issues
MIT License β Use responsibly.
voltsparx
π§ voltsparx@gmail.com
π https://github.com/voltsparx
If you find Victimator-X useful, consider giving it a β on GitHub β it helps others discover the tool!