When we do pentesting and bug bounty the most important phase is always recon and one of the most important elements for your recon is the wordlist.
It is said that «Your recon is as good as your wordlist is».
In our Kali Linux, there are by default different good wordlists at
$ cd /usr/share/wordlists
While dirb, dirbuster and wfuzz can help you with content and subdomain discovery, rockyou will do it with the password brute-force discovery.
$ cd /usr/share/wordlists/dirb
$ cd /usr/share/wordlists/dirbuster
$ cd /usr/share/wordlists/wfuzz
- websphere.txt cgis.txt
According to its Github description:
It’s a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.https://github.com/danielmiessler/SecLists
$ git clone https://github.com/danielmiessler/SecLists.git
$ apt -y install seclists (from Kali Linux)
Assetnote Wordlists is another valuable resource for your wordlists as they have options for many different areas and the current popular technologies that you can find in your day-to-day scans.
One of the best things about Assetnote Wordlist is as they describe on their site, «Wordlists are generated on the 28th of each month».
- Automatically Generated Wordlists
- Kiterunner Wordlists
- Technology <=> Host Mappings
- Manually Generated Wordlists
You can download all the wordlist using:
wget -r --no-parent -R "index.html*" https://wordlists-cdn.assetnote.io/data/ -nH
or you can just download the specific wordlist using the Download button from the list.