General
Examine the small selection of tools provided here and identify the one that is most relevant to your requirements.
- CUPP
- Mentalist
- Cewl
- Crunch
CUPP
- command
python3 cupp.py -h
python3 cupp.py -i (Interactive mod, Ask you question about your target)
puthon4 cupp.py -l (Download Pre-created wordlists to your machine)
Mentalist
Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat (opens in a new tab) and John the Ripper.
Cewl (Only work for english website)
Tools such as Cewl can be used to effectively crawl a website and extract strings or keywords. Cewl is a powerful tool to generate a wordlist specific to a given company or target. Consider the following example below:
cewl -w list.txt -d 5 -m 5 http://example.com
-w ---> Will write the contents to a file. In this case, list.txt. -m 5 ---> Gathers strings (words) that are 5 characters or more -d 5 ---> Is the depth level of web crawling/spidering (default 2)
Username Generator
Gathering employees' names in the enumeration stage is essential. We can generate username lists from the target's website. For the following example, we'll assume we have a {first name} {last name} (ex: John Smith) and a method of generating usernames.
This can be usefull to generate username list for Acive Directory
Example
- **{first name}:** john
- **{last name}:** smith
- **{first name}{last name}: johnsmith**
- **{last name}{first name}: smithjohn**
- first letter of the **{first name}{last name}: jsmith**
- first letter of the **{last name}{first name}: sjohn**
- first letter of the **{first name}.{last name}: j.smith**
- first letter of the **{first name}-{last name}: j-smith**
- and so on
git clone https://github.com/therodri2/username_generator.git
cd username_generator
python3 username_generator.py -h
echo "John Smith" > users.lst
python3 username_generator.py -w users.lst
Crunch
Crunch allow you to create custom brute force worlist (related to characters lengh)
Simple
crunch 2 2 01234abcd -o crunch.txt
- The following example creates a wordlist containing all possible combinations of 2 characters, including 0-4 and a-d. We can use the -o argument and specify a file to save the output to.
Include a know variable (Example: We want that all password start with pass)
crunch 6 6 -t "pass%%" -o crunch.txt
- We can use the % symbol from above to match the numbers. Here we generate a wordlist that contains pass followed by 2 numbers.
![[Pasted image 20230317202043.png]]