Kali Linux

Haklistgen : Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing

Haklistgen turns any junk text into a usable wordlist for brute-forcing.

Installation

go install github.com/hakluke/haklistgen@latest

Usage Examples

Scrape all words out of an HTTP response to build a directory bruteforce wordlist:

curl https://wikipedia.org | haklistgen

Pipe a list of subdomains to it to generate a wordlist for bruteforcing more subdomains:

subfinder -silent -d example.com | haklistgen

Piping in a custom JavaScript file could yield some interesting results:

curl https://example.com/app.js | haklistgen

You could create a great custom wordlist for a large-scope target doing something like this:

subfinder -silent -d hakluke.com | anew subdomains.txt | httpx -silent | anew urls.txt | hakrawler | anew endpoints.txt | while read url; do curl $url –insecure | haklistgen | anew wordlist.txt; done
cat subdomains.txt urls.txt endpoints.txt | haklistgen | anew wordlist.txt;

This would save subdomains to subdomains.txt, then save httpx output to urls.txt, then crawl each url and save the hakrawler output to endpoints.txt, then fetch every URL in endpoints.txt and make a wordlist out of it, concatenating all of the wordlists to wordlist.txt. Then it takes all of the subdomains and urls, and adds words out of the words in those too.

R K

Recent Posts

JBDev : A Tool For Jailbreak And TrollStore Development

JBDev is a specialized development tool designed to streamline the creation and debugging of jailbreak…

15 hours ago

Kereva LLM Code Scanner : A Revolutionary Tool For Python Applications Using LLMs

The Kereva LLM Code Scanner is an innovative static analysis tool tailored for Python applications…

16 hours ago

Nuclei-Templates-Labs : A Hands-On Security Testing Playground

Nuclei-Templates-Labs is a dynamic and comprehensive repository designed for security researchers, learners, and organizations to…

18 hours ago

SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to…

18 hours ago

ollvm-unflattener : A Tool For Reversing Control Flow Flattening In OLLVM

Control flow flattening is a common obfuscation technique used by OLLVM (Obfuscator-LLVM) to transform executable…

18 hours ago

Cybersecurity – Tools And Their Function

Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…

2 days ago