Feed Valence a personal profile — names, dates, pets, hobbies — and get a deduplicated wordlist that mirrors how real people create passwords. Built for authorized audits and contracted pentests.
Valence is a free, open-source wordlist generator for penetration testers and security researchers. Unlike generic wordlists, it builds targeted password candidates from a personal profile — applying leet-speak substitutions, case mutations, date derivations, and pairwise combinations the same way a real person would. Pipe the output directly into Hashcat, John the Ripper, or any password auditing tool.
All 2ⁿ per-character toggle combinations. 1–3 rule leet substitutions: a→@/4, e→3, i→1/!, o→0, s→$/5.
Every token gets bare, suffixed, prefixed, and wrapped forms — !john, john123, !john123 — across the full mutation set.
Birthdates expand to YYYY, YY, DDMM, MMDD. Phone numbers yield last-4, last-6, area code, and full digits.
Every token pair joined with each separator in both orderings — john_smith, smith_john, john.smith — then mutated and suffixed.
Profile tokens paired with real breach-corpus words: johnlove, dragonsmith, ilovejohn. Words never pair with each other.
Reversed spellings (nhoj, htims) and initials combos (JSmith, JohnS) derived automatically from name fields.
Pure Go standard library. No go get, no supply-chain risk. Auditable, embeddable, cross-compiles to any platform.
Candidates to stdout, metadata to stderr. Pipes directly into hashcat, sort, uniq. Importable as a Go library.
All four produce the same binary. No runtime required.
$ brew tap g4m3m4g/tap $ brew install valence
macOS and Linux. Kept up-to-date with brew upgrade.
$ curl -fsSL https://raw.githubusercontent.com/g4m3m4g/Valence/main/scripts/install.sh | sh
Downloads the correct pre-built binary for your OS and architecture. Installs to /usr/local/bin.
$ go install github.com/g4m3m4g/valence@latest
Requires Go 1.22+. Binary lands in $GOPATH/bin.
$ git clone https://github.com/g4m3m4g/Valence.git $ cd Valence $ go build -o valence .
$ valence Valence — interactive profile builder Leave any field blank to skip it. First name: John Last name: Smith Pet's name: Max Date of birth (YYYY-MM-DD): 1990-05-15 Output file [john_smith.txt]:
No flag memorization required. Valence walks you through each field.
$ valence -first John -last Smith -nick Johnny \ -partner Sarah -pet Max -child Emma \ -phone "555-123-4567" -city Bangkok \ -username j0hn -birthdate 1990-05-15 \ -o john_smith.txt
# Pipe directly into Hashcat $ valence -first John -pet Max | hashcat -a 0 -m 1000 hashes.txt # Filter and sort $ valence -first John -birthdate 1990-05-15 | sort -u > candidates.txt
Candidates go to stdout. Metadata and errors go to stderr — the split is intentional.
YYYY-MM-DDstdout0 means unlimited432Six deterministic stages. Every candidate passes through all of them before landing in the output.
YYYY, YY, DDMM, MMDD. Phone numbers to last-4, last-6, area code, and full digits. Initials combos and reversed spellings are derived here.
john, john123, !john, !john123.
john_smith, smith_john, john.smith.
johnlove, dragonsmith. The full case/prefix/suffix pipeline re-applies. Words never pair with each other.
map[string]struct{} deduplication in O(1). Length bounds enforced at a single choke point. Results sorted and optionally capped.
Valence is built for contracted pentests and authorized security awareness campaigns. Every field you supply should belong to a person or organization you have explicit, written authorization to test.