Wordlists for your daily work

When we do pentesting and bug bounty the most important phase is always recon and one of the most important elements for your recon is the wordlist.

It is said that «Your recon is as good as your wordlist is».

In our Kali Linux, there are by default different good wordlists at /usr/share/wordlists:

$ cd /usr/share/wordlists

  • dirb
  • dirbuster
  • fasttrack.txt
  • fern-wifi
  • metasploit
  • nmap.lst
  • rockyou.txt
  • wfuzz

While dirb, dirbuster and wfuzz can help you with content and subdomain discovery, rockyou will do it with the password brute-force discovery.

Dirb

$ cd /usr/share/wordlists/dirb

  • catala.txt
  • common.txt
  • euskera.txt
  • extensions_common.txt
  • indexes.txt
  • mutations_common.txt
  • others
  • small.txt
  • spanish.txt
  • stress
  • vulns

Dirbuster

$ cd /usr/share/wordlists/dirbuster

  • directory-list-lowercase-2.3-medium.txt
  • apache-user-enum-2.0.txt
  • directory-list-1.0.txt
  • directory-list-2.3-small.txt
  • directory-list-lowercase-2.3-small.txt

Wfuzz

$ cd /usr/share/wordlists/wfuzz

  • Injections
  • others
  • stress
  • vulns
  • webservices

General

  • admin-panels.txt
  • big.txt
  • catala.txt
  • common.txt
  • euskera.txt
  • extensions_common.txt
  • http_methods.txt
  • medium.txt
  • megabeast.txt
  • mutations_common.txt
  • spanish.txt
  • test.txt

Injections

  • All_attack.txt
  • bad_chars.txt
  • SQL.txt
  • Traversal.txt
  • XML.txt
  • XSS.txt

Others

  • common_pass.txt
  • names.txt

Stress

  • alphanum_case_extra.txt
  • alphanum_case.txt
  • char.txt
  • doble_uri_hex.txt
  • test_ext.txt
  • uri_hex.txt

Vulns

  • apache.txt
  • coldfusion.txt
  • dirTraversal.txt
  • domino.txt
  • fatwire.txt
  • iis.txt
  • jrun.txt
  • oracle9i.txt
  • sql_inj.txt
  • tests.txt
  • vignette.txt
  • websphere.txt cgis.txt
  • dirTraversal-nix.txt
  • dirTraversal-win.txt
  • fatwire_pagenames.txt
  • frontpage.txt
  • iplanet.txt
  • netware.txt
  • sharepoint.txt
  • sunas.txt
  • tomcat.txt
  • weblogic.txt

Webservices

  • ws-dirs.txt
  • ws-files.txt

Seclists

According to its Github description:

It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

https://github.com/danielmiessler/SecLists

Install

$ git clone https://github.com/danielmiessler/SecLists.git

or

$ apt -y install seclists (from Kali Linux)

Wordlists categories

Assetnote Wordlists

Assetnote Wordlists is another valuable resource for your wordlists as they have options for many different areas and the current popular technologies that you can find in your day-to-day scans.

One of the best things about Assetnote Wordlist is as they describe on their site, «Wordlists are generated on the 28th of each month».

Wordlists categories

  • Automatically Generated Wordlists
  • Kiterunner Wordlists
  • Technology <=> Host Mappings
  • Manually Generated Wordlists

You can download all the wordlist using:

wget -r --no-parent -R "index.html*" https://wordlists-cdn.assetnote.io/data/ -nH

or you can just download the specific wordlist using the Download button from the list.

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *