What Is Combo List?

Combo List definition and explanation.

A combo list is a text file that contains a list of leaked usernames and passwords in a specific format. The passwords are usually obtained from different breaches and collectively stored within a file. These files may be fed into automatic brute-forcing tools that test multiple credentials on different accounts or website logins until a match is found.

A common example would be credential stuffing attacks. A tool like SentryMBA, an account checker, would use a combo list to automatically check which accounts are valid for a site. Once these accounts have been validated then they will be subject to a full account takeover and, inevitably, some sort of fraud.