Build Wordlist
Scrap a website
The cewl command scrapes a website and return all the words contains in the pages of the application.
cewl <website> -w <output file>It is also possible to filter the words returned by indicating a minimum number of letters:
cewl <website> -m 6 -w <output file>Create more complex passwords
From a simple wordlist made by hand or from tools like cewl, it is possible to create even more complex wordlists.
To do so, invoke john as shown below:
john --wordlist=<initial wordlist> --rules --stdout > <complex wordlist>Specify --rules=All to use all available rules and get more possibilities.
Generate passwords following specific patterns
Crunch, included with Kali Linux, is a powerful wordlist generator that can create a wordlist containing every possible password that matches the defined pattern.
@
Lower case alpha characters
,
Upper case alpha characters
%
Numeric characters
^
Special characters including space
For example, specify a minimum and maximum word length of eight characters (8 8) and describe the rule pattern with -t ,@@^^%%%:
crunch 8 8 -t ,@@^^%%%Last updated