Project

personal_wordlist_cli

0.0
No commit activity in last 3 years
No release in over 3 years
personal_wordlist_cliturhn/personal_wordlist_cliHomepageDocumentationSource CodeBug TrackerWiki
Generates information aware brute-force dictionaries from given data.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
 Popularity
Downloads
5,102
Stars
1
Forks
1
Watchers
1
 Releases
Current version
0.1.0
Total releases
2
First release
2015-11-20
Latest release
2016-09-11
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2016-04-16
Reverse Dependencies
0

 Dependencies

Development

rspec
>= 3.1.7, ~> 3.1
 Project Readme

Build Status Gem Version

personal_wordlist_cli

personal_wordlist_cli is a CLI application based on the personal_wordlist library. It creates information aware brute-force dictionaries from patterns based on a data.

When you install the gem it will add a pwlcli command to your path.

Installation

Installation using Ruby Gems.

gem install personal_wordlist_cli

Installation using source code.

git clone https://github.com/turhn/personal_wordlist_cli.git && cd personal_wordlist_cli
bundle install
rake install:local

Usage

Output to stdout.

pwlcli generate Patternfile --datafile sample_data.json

pwlcli generate Patternfile -d sample_data.json > pwl_wordlist.txt

Output to a specified filename.

pwlcli generate Patternfile -d sample_data.json -o pwl_wordlist.txt

File Types

  • Patternfile is a Ruby compatible DSL file. Check the example here.
  • Datafile must be a valid json file. All json key names will be available as methods in the Patternfile.

Example

You can use generated wordlists to brute force your WordPress for a forgotten password. WPScan is a good start.

ruby wpscan.rb --url www.example.com --wordlist pwl_wordlist.txt --username admin

You might create dictionaries to unlock zip files:

A simple zip-crack

Just change 'dictionay.txt' with the files created with the command above.

Legal Notice

This tool is created for security intentions not for performing brute-force attacks. First intension was testing weak passwords or recovering forgotten passwords. I cannot be responsible of any misusage of the tool.

Licence

MIT

Contributions

Any contributions are welcomed.