You might never have heard of the CeWL wordlist generator before. Today we’re going to generate a wordlist from the keywords of any website, which is passed to the tool as the URL parameter. CeWL crawls the website’s source and generates a custom wordlist from the interesting words it finds, according to the options we give it. CeWL is pre-installed in Kali Linux.
You can find it here:
Applications > Password Attacks > Password Profiling & Wordlists > CeWL
Or you can simply run it directly from your terminal, which is what most of you are going to do.
How to use CeWL: Custom Wordlist Generator?
This tool targets a person who creates content on his website or page that is relevant to his personal life or passwords. That is why it is not safe to use that kind of word, such as a pet name or anything similar, as a password.
We can use CeWL to create custom wordlists for password cracking targets other than employees at a particular company. For instance, if we know the individual who is our target is a soccer fan, we use CeWL to crawl a soccer site to grab soccer-related words. That is, we can use CeWL to create specific password lists based upon just about any subject area by simply crawling a website to grab potential keywords.
root@TheHackerToday:~/Desktop# cewl --help
CeWL 5.3 (Heading Upwards) Robin Wood (firstname.lastname@example.org) (https://digi.ninja/)
Usage: cewl [OPTION] ... URL
--help, -h: show help
--keep, -k: keep the downloaded file
--depth x, -d x: depth to spider to, default 2
--min_word_length, -m: minimum word length, default 3
--offsite, -o: let the spider visit other sites
--write, -w file: write the output to the file
--ua, -u user-agent: user agent to send
--no-words, -n: don't output the wordlist
--meta, -a include meta data
--meta_file file: output file for meta data
--email, -e include email addresses
--email_file file: output file for email addresses
--meta-temp-dir directory: the temporary directory used by exiftool when parsing files, default /tmp
--count, -c: show the count for each word found
--auth_type: digest or basic
--auth_user: authentication username
--auth_pass: authentication password
--proxy_host: proxy host
--proxy_port: proxy port, default 8080
--proxy_username: username for proxy, if required
--proxy_password: password for proxy, if required
--header, -H: in format name:value - can pass multiple
--verbose, -v: verbose
URL: The site to spider.
To use this tool you can type the following command.
root@TheHackerToday:~/Desktop# cewl -w wordlist.txt -d 5 -m 5 www.pentest-standard.org
Let’s break that down.
- -w wordlist.txt: the -w means write to the file name that follows.
- -d 5: the depth (in this case, 5) to which CeWL will crawl the website.
- -m 5: the minimum word length; in this case it will grab words of 5 characters minimum.
- www.pentest-standard.org: the website we are crawling.
This will generate a wordlist like,
Sometimes this tool can be useful for CTF challenges, because most of the time machine developers leave password hints in some pages. We would otherwise have to check those manually, but with CeWL we can easily generate a wordlist containing all of the keywords 🙂
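The warning above, that words taken from a person's own site make unsafe passwords, can be enforced on the defending side. This added example (not part of the original post or of CeWL) checks candidate passwords against a CeWL-style wordlist; the one-word-per-line input, the sample words, the substitution table and the function names are assumptions made for illustration.

```python
# Added example: reject passwords built on words that appear on your own website.
# Assumes the wordlist is plain text with one word per line.

# Character substitutions undone before comparing (assumed set, extend as needed).
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})

# Constructed sample standing in for a file written with `cewl -w wordlist.txt -m 5`.
SAMPLE_WORDLIST = """\
Penetration
Testing
Execution
Standard
Intelligence
Gathering
"""

def load_words(text, min_len=5):
    """Return the lower-cased words of the list, dropping words shorter than min_len.

    Short words match almost any password by accident, so the same minimum
    length used for the crawl (-m 5) is applied again here.
    """
    return {w.strip().lower() for w in text.splitlines() if len(w.strip()) >= min_len}

def site_derived(password, words):
    """Return the longest site word the password is built on, or None."""
    # Undo common substitutions and case changes, then look for any site word
    # inside the result; this also catches added prefixes, suffixes and joins.
    folded = password.translate(LEET).lower()
    hits = [w for w in words if w in folded]
    return max(hits, key=lambda w: (len(w), w)) if hits else None

def audit(passwords, words):
    """Map each candidate password to the site word it derives from (or None)."""
    return {p: site_derived(p, words) for p in passwords}

if __name__ == "__main__":
    site_words = load_words(SAMPLE_WORDLIST)
    candidates = ["Standard2024!", "p3n3tr4t10n", "MyGatheringPlace",
                  "correct-horse-tr0ub4dor"]  # constructed test passwords
    for pw, word in audit(candidates, site_words).items():
        print(f"{pw!r}: " + (f"rejected, based on site word '{word}'" if word else "ok"))
```

Run it at password-change time or over a list of proposed service-account passwords, with the wordlist regenerated whenever the site content changes.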