credentials catching bruteforce honeypot

I started publishing a collection of username and password. This list has been collected by logging standard bruteforce attacks against decentral infrastructure. It is logging against many protocols like SSH, telnet, POP3, IMAP, HTTP basic auth and many more.

The daily updated list can be downloaded under

The goal of this list is to enable a security engineer to test with a wide varity of known combinations, and check your personally used credentials against any kind of leak.

I recommend everbody taking care about their personal password polivies as also digital heritage.

Leave a Reply

Your email address will not be published. Required fields are marked *