Creating custom wordlists for cracking passwords
There are multiple tools that are readily available in Kali Linux to create custom wordlists for cracking passwords offline. We will now take a look at a couple of them.
Using CeWL to map a website
CeWL is a Ruby app that spiders a given URL to a specified depth, optionally following external links, and returns a list of words that can then be used in password crackers, such as John the Ripper. Figure 2.26 provides the custom list of words generated from the Google index page:
Figure 2.26: Creating custom password list using the CeWL from the web pages
These texts extracted from the web pages sometimes include the HTML comments that are left by the developers, which can be very useful for performing more informed attacks.
Extracting words from Twitter using twofi
While we can profile a user on social media platforms such as Facebook, Twitter, and LinkedIn, we can also use twofi, which stands...