Wordlists

Real-World
Kaonashi
https://github.com/kaonashi-passwords/Kaonashi
Bruteforce (Logins)
Selección de listas
# Default Pairs
seclists/Passwords/Default-Credentials/
​
# Usernames
seclists/Usernames/Names/usernames.txt
Creación de listas con Cupp
# Ejecutar el modo interactivo
cupp -i
Creación de usernames
UsernameGenerator
# Username generator
https://github.com/21y4d/usernameGenerator.git
OSRFramework
# Repo
https://github.com/i3visio/osrframework
​
# Dentro de la instalación del framework
alias_generator.py
Manipulación de listas para políticas de contraseñas
# Remove shorter than 8
sed -ri '/^.{,7}$/d' $WORDLIST
​
# Remove no special chars
sed -ri '/[!-/:[email protected]\[-`\{-~]+/!d' $WORDLIST
​
# Remove no numbers
sed -ri '/[0-9]+/!d' $WORDLIST
Web
Selección de listas
# Directorios
seclists/Discovery/Web-Content/directory-list-2.3-small.txt
​
# Extensiones
seclists/Discovery/Web-Content/web-extensions.txt
​
# Subdominios/Vhosts
seclists/Discovery/DNS/subdomains-top1million-5000.txt
​
# Requests
seclists/Discovery/Web-Content/burp-parameter-names.txt
Eliminando comentarios de la lista
sudo sed -i 's/^\#.*$//g' $WORDLIST && sudo sed -i '/^$/d' $WORDLIST
Creación de listas con Bash
for i in $(seq 1 1000); do echo $i >> $OUTPUT_FILE; done

Última actualización 1yr ago