Wordlists

To conduct brute force and dictionary attacks, you can generate your own customized wordlists or use pre-compiled wordlists from the internet.

Crunch

Crunch generates a custom password lists that can be used to guess passwords. These include:

crunch [min length] [max length] [charset] [options]crunch 4 4 ABCDEFGHIJKLMNOPQRSTUVWXYZ -o /root/Desktop/wordlist.txtcrunch 5 5 0123456789 -o /root/Desktop/wordlist.txtcrunch 8 8 ABCDEFGHIJKLMNOPQRSTUVWXYZ -t @@@@1980 -o /root/Desktop/wordlist.txtcrunch 1 2 -p Dog Cat Mouse -o /root/Desktop/wordlist.txt

CeWL

CeWL is a ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.

cewl -d $pagedepth -m $minlength -w cewl.txt https://$TARGET

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

https://github.com/danielmiessler/SecLists

PreviousLinux Hashes NextBrute Force Password Attacks & Cracking

hashtagCrunch

hashtagCeWL

hashtagSecLists

Crunch

CeWL

SecLists