Jump to content
M2G

Username Anarchy (username generation)

By M2G, in Programe utile

Recommended Posts

M2G Apprentice

M2G

Posted
Posted

Description

Tools for generating usernames when penetration testing. Usernames are half the password brute force problem.

This is useful for user account/password brute force guessing and username enumeration when usernames are based on the users’ names. By attempting a few weak passwords across a large set of user accounts, user account lockout thresholds can be avoided.

Users’ names can be identified through a variety of methods:

Web scraping employee names from LinkedIn, Facebook, and other social networks.

Extracting metadata from document types such as PDF, Word, Excel, etc. This can be performed with FOCA.

Common aliases, or self chosen usernames, from forums are also included.

Usage

Username Anarchy is a command line tool.

Usage: ./username-anarchy [OPTIONS]... [firstname|first last|first middle last]
Version: 0.2

NAMES
--input-file, -i=FILE           Input list of names. Can be CSV or TAB delimited.
                                    Valid column headings are: firstinitial,firstname,
                                    lastinitial,lastname,middleinitial,middlename
--auto, -a                      Automatically generate names from a country or other lists.
--country COUNTRY, -c           COUNTRY can be one of the following datasets:
                                    PublicProfiler:
                                    argentina, austria, belgium, canada, china, denmark, france, germany,
                                    hungary, india, ireland, italy, luxembourg, netherlands, newzealand,
                                    norway, poland, serbia, slovenia, spain, sweden, switzerland, uk, us
                                    Other:
                                    Facebook - uses the Facebook top 10,000 first and last names
--given-names=FILE              Dictionary of given names
--family-names=FILE             Dictionary of family names
--substitute, -s=STATE          Control name substitutions.
                            Valid values are 'on' and 'off'. Default: off
                            Can substitute any part of a name not available.
--max-substitutions, -m=NUM     Limit quantity of substitutions per plugin.
                            Default: -1 (Unlimited)

USERNAME FORMAT
--list-formats, -l              List format plugins
--select-format, -f=LIST        Select format plugins by name. Comma delimited list
--recognise, -r=USERNAME        Recognise which format is in use for a username. This
                                    uses the Facebook dataset. Use verbose mode to show progress.

MISC
--verbose, -v                   Display plugin format comments in output and displays last name searches
                            in plugin format recogniser
--help, -h                      This help

Example Usage

You know the name of a user but not the username format

./username-anarchy anna key
anna
annakey
anna.key
annakey
annak
a.key
akey
kanna
k.anna
...

You know the username format and names of users

./username-anarchy --input-file ./test-names.txt  --select-format first.last
andrew.horton
jim.vongrippenvud
peter.otoole

You know the server is in France:

Note that -a or –auto is required when you do not specify any input names.

./username-anarchy --country france --auto
martin
bernard
thomas
durand
richard
robert
petit
moreau
dubois
simon
martinsmith
martinjohnson
...

List username format plugins

./username-anarchy --list-formats
Plugin name             Example
--------------------------------------------------------------------------------
first                   anna
firstlast               annakey
first.last              anna.key
firstlast[8]            annakey
firstl                  annak
f.last                  a.key
flast                   akey
lfirst                  kanna
l.first                 k.anna
lastf                   keya
last                    key
last.f                  key.a
last.first              key.anna
FLast                   AKey
first1                  anna0,anna1,anna2
fl                      ak
fmlast                  abkey
firstmiddlelast         annaboomkey
fml                     abk
FL                      AK
FirstLast               AnnaKey
First.Last              Anna.Key
Last                    Key
FML                     ABK

Name Resources

Names

World Family Names Some common countries. Top 10 surnames and forenames

https://secure.wikimedia.org/wikipedia/en/wiki/List_of_most_popular_given_names

Most popular baby names in - compiled by BabyNameFacts.com top 100 baby names per country

https://secure.wikimedia.org/wikipedia/en/wiki/List_of_most_common_surnames_in_Oceania

Name Parsing:

https://secure.wikimedia.org/wikipedia/en/wiki/Capitalization

http://cpansearch.perl.org/src/KIMRYAN/Lingua-EN-NameParse-1.28/lib/Lingua/EN/NameParse.pm

Lingua::EN::NameCase - search.cpan.org

Website: Username Anarchy

Direct Download: https://github.com/urbanadventurer/username-anarchy/archive/master.zip

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...