handbook/tools/Others/Wordlist/1.Generate.md
2024-08-31 01:07:22 +02:00


## General
Examine the small selection of tools provided here and identify the one that is most relevant to your requirements.
- CUPP
- Mentalist
- Cewl
- Crunch
## CUPP
- Commands
```Terminal
python3 cupp.py -h
python3 cupp.py -i   # Interactive mode: asks you questions about your target
python3 cupp.py -l   # Download pre-created wordlists to your machine
```
![cupp-example](https://github.com/Mebus/cupp/raw/master/screenshots/cupp-example.gif)
## Mentalist
Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with [Hashcat](https://hashcat.net/hashcat) and [John the Ripper](http://www.openwall.com/john).
![Mentalist GUI](https://camo.githubusercontent.com/4eb268cbdaf7e2a09a3be4b1c7a2a32b47e9f6e568a9b34d549bfbfb512b684a/68747470733a2f2f73633074667265652e73717561726573706163652e636f6d2f732f6d656e74616c6973742d726561646d652d6775692e676966)
## Cewl (only works for English websites)
Tools such as Cewl crawl a website and extract strings or keywords from it, which makes Cewl a powerful way to generate a wordlist specific to a given company or target. Consider the following example:
```
cewl -w list.txt -d 5 -m 5 http://example.com
```
- `-w`: writes the contents to a file, in this case `list.txt`.
- `-m 5`: gathers strings (words) that are 5 characters or more.
- `-d 5`: the depth level of web crawling/spidering (default 2).
## Username Generator
Gathering employees' names in the enumeration stage is essential. We can generate username lists from the target's website. For the following example, we'll assume we have a {first name} {last name} (e.g. John Smith) and a method of generating usernames.

**This can be useful for generating a username list for Active Directory.**

Example:
- **{first name}:** john
- **{last name}:** smith
- **{first name}{last name}:** johnsmith
- **{last name}{first name}:** smithjohn
- first letter of the **{first name}** + **{last name}:** jsmith
- first letter of the **{last name}** + **{first name}:** sjohn
- first letter of the **{first name}**.**{last name}:** j.smith
- first letter of the **{first name}**-**{last name}:** j-smith
- and so on
```
git clone https://github.com/therodri2/username_generator.git
cd username_generator
python3 username_generator.py -h
echo "John Smith" > users.lst
python3 username_generator.py -w users.lst
```
## Crunch
Crunch allows you to create a custom brute-force wordlist (based on a character set and length).

Simple example:
```
crunch 2 2 01234abcd -o crunch.txt
```
- The example above creates a wordlist containing all possible combinations of 2 characters, including 0-4 and a-d. We can use the `-o` argument to specify a file to save the output to.

Include a known value (example: we want all passwords to start with `pass`):
```
crunch 6 6 -t "pass%%" -o crunch.txt
```
- The `%` symbol in the pattern above matches numbers. Here we generate a wordlist that contains `pass` followed by 2 numbers.
![[Pasted image 20230317202043.png]]
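
The same patterns can be checked from the defender's side, for example in a password-change filter. The sketch below is an added example, not code from the handbook or from any of the tools above: it flags a password whose stem is a site-derived word (the kind Cewl collects), a name format from the Username Generator list, or a known prefix plus digits (the `pass%%` shape). `SITE_WORDS`, the substitution table and all function names are assumptions made for illustration.

```python
import re

# Constructed sample: words a Cewl-style crawl of your own site might collect.
SITE_WORDS = {"example", "acmecorp", "widgets", "pass"}

# Substitutions undone before comparison (assumed, non-exhaustive set).
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def name_stems(full_name):
    """Build the name formats listed in the Username Generator section."""
    parts = full_name.lower().split()
    if len(parts) < 2:
        return set(parts)
    first, last = parts[0], parts[-1]
    return {first, last, first + last, last + first,
            first[0] + last, last[0] + first,
            first[0] + "." + last, first[0] + "-" + last}


def core_forms(password):
    """Candidate stems left after undoing added characters and substitutions."""
    tail = re.sub(r"[^a-z]+$", "", password.lower())  # drop appended digits/symbols
    head = re.sub(r"^[^a-z]+", "", tail)              # drop prepended digits/symbols
    forms = [tail, head, tail.translate(LEET), head.translate(LEET)]
    return [f for f in forms if f]


def guessable_stem(password, base_words, full_name=""):
    """Return the stem that makes the password wordlist-derivable, or None."""
    stems = {w.lower() for w in base_words} | name_stems(full_name)
    for form in core_forms(password):
        if form in stems:
            return form
    return None


if __name__ == "__main__":
    # Constructed sample passwords, checked for a user named "John Smith".
    for pw in ["pass42", "P4ss99!", "3xample2024", "J.Smith1", "vK9#tqLm2!xR"]:
        print(pw, "->", guessable_stem(pw, SITE_WORDS, "John Smith"))
```

A password is rejected when `guessable_stem` returns a stem; `None` only means it did not match these particular patterns, not that it is strong.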