The Dictionaries tab in Fitcrack menu allows you to manage password dictionaries. A password dictionary is simply a text file (with a .txt extension) containing different password candidates while each password is stored on a seperate line. Dictionaries are used for various attack types: a dictionary attack, a combination attack, and hybrid attacks.


In the overview, you can browse all password dictionaries which are present in the system. In the fist column, you can see the name of the dictionary. The second column shows the keyspace, i.e. the number of passwords in the dictionary. The next column contains the date and time the dictionary was added to the system. By clicking on the trashcan icon, you can delete a dictionary.

Adding a new dictionary

In Fitcrack, there are three ways how to add a new dictionary:

  • Copying directly to the dictionaries directory using SCP/SFTP, default port 2222 or SMB, default ports 137, 138, 139, 445. Credentials are defined in .env configuration file – UPLOAD_USER, UPLOAD_PASS variables.
  • Selecting an existing dictionary from server drive (1.) which creates a symlink to the original file.
  • Uploading a dictionary from your machine via a web browser (2.), in which case, the size of the dictionary is limited by the settings of the HTTP server. The default limit s 2 GB.

Please note, that after adding a dictionary, Fitcrack has to process it and calculate its keyspace, which may take some time – depending on the size of the dictionary.