TL,DR; download the script here.
In security audits, when we get a password file we -even though we may have admin or root access on the target already- usually grab the password file for offline cracking, just to see if there’s any passwords that users re-use, which would give us more access to other systems.
Doing so, we sometimes find passwords such as “cft6&YGVbhu8“, which by the looks of it seem secure; they have uppercase characters, special characters and numbers. When typing them, you’ll notice that they are keyboard patterns.
For this, I was wondering if it was possible to generate a list of all/many keyboard pattern based passwords, a technique referred to as “key walking“. Some tools exist already, but are often based on predefined patterns (“qwe”, “asdf”, “1qaz”, …). I wanted to make something based on a keyboard layout, so it could be extended. This is KeyWalker; a ruby script that generates keyboard pattern based passwords.