duplicut

Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)

nil0x42
919
92
C

Duplicut :scissors:

Quickly dedupe massive wordlists, without changing the order tweet


github tests codacy code quality github codeql codecov coverage

Mentioned in awesome-pentest

Created by nil0x42 and contributors

📖 Overview

Nowadays, password wordlist creation usually implies concatenating
multiple data sources.

Ideally, most probable passwords should stand at start of the wordlist,
so most common passwords are cracked instantly.

With existing dedupe tools you are forced to choose
if you prefer to preserve the order OR handle massive wordlists.

Unfortunately, wordlist creation requires both

So i wrote duplicut in highly optimized C to address this very specific need 🤓 💻



💡 Quick start

git clone https://github.com/nil0x42/duplicut  # download ...
cd duplicut/ && make                           # compile ...
./duplicut wordlist.txt -o clean-wordlist.txt  # dedupe !!!

🔧 Options

-o, --outfile <FILE>       Write result to <FILE>
-t, --threads <NUM>        Max threads to use (default max)
-m, --memlimit <VALUE>     Limit max used memory (default max)
-l, --line-max-size <NUM>  Max line size (default 1024, max 4095)
-p, --printable            Filter ascii printable lines
-c, --lowercase            Convert wordlist to lowercase
-C, --uppercase            Convert wordlist to uppercase
-D, --dupfile <FILE>       Write dupes to <FILE> (slows down duplicut)
-h, --help                 Display this help and exit
-v, --version              Output version information and exit

  • Features:

    • Handle massive wordlists, even those whose size exceeds available RAM
    • Filter lines by max length (--line-max-size option)
    • Filter-out lines with non-printable ASCII chars (--printable option)
    • Save found duplicates to another file (--dupfile option)
    • Ignore case with --lowercase or --uppercase options
    • Displays a nice progress bar with ETA

  • Implementation:

    • Written in pure C code, designed to be fast
    • Compressed hashmap items on 64 bit platforms
    • Multithreading support

  • Limitations:

    • --line-max-size can’t exceed 4095

📖 Technical Details

🔸 1- Memory optimized:

An uint64 is enough to index lines in hashmap, by packing
size info within pointer’s extra bits:

🔸 2- Massive file handling:

If whole file can’t fit in memory, it is split into
virtual chunks, in such way that each chunk uses as much RAM as possible.

Each chunk is then loaded into hashmap, deduped, and tested against
subsequent chunks.

That way, execution time decreases to at most th triangle number:

💡 Throubleshotting

If you find a bug, or something doesn’t work as expected,
please compile duplicut in debug mode and post an issue with
attached output:

# debug level can be from 1 to 4
make debug level=1
./duplicut [OPTIONS] 2>&1 | tee /tmp/duplicut-debug.log