-
Notifications
You must be signed in to change notification settings - Fork 29
buby generate wordlist
Saint Patrick [email protected]
Parses proxy history reponses into a wordlist similar to Robin Wood's CeWL. Best part is since we're working with previously visited pages no spidering is necessary and we minimize trips to the server.
http://blog.portswigger.net/2009/04/using-burp-extender.html
LFILE wordlists/gen_wordlist.txt true Enter the local file to save to WORDLEN 5 false Minimum word length
WORDLEN -- The minimum word length you'd like to use (if left at 5, only words 5 characters or longer are created):
set WORDLEN 6
LFILE -- The file to write to, by default, is datum/wordlists/generated_wordlist.txt. Using this value, you can type reload lfiles and the file will show up in the list. It will be re-useable in any module that has an LFILE option. Keep in mind, if this value is changed you must write out the full path and file name OTHERWISE the file will be written to the wXf directory. Example of changing:
set LFILE /pentest/web/wXf/datum/wordlists/my_gen_wordlist.txt
Let's say you'd like to create a targeted wordlist based off parsed HTML where keywords are created on the fly and written to a file. This would be your module!