👨‍💻
Hacking Notes
  • Hacking Notes
  • 💅One-Liners
  • ⚔️Offensive
    • Exploit Workflow
    • Recon
      • OSINT
      • DNS
        • Domain Discovery
      • Layer 2 Config and Analysis
      • Port Scanning and Discovery
      • Port Attacks
      • Link it all together
    • Payloads
      • MSFVenom
      • Reverse Shells
    • Websites
      • Enumeration
      • Injection/LFI
      • Session Management
      • Brute Forcing
      • JavaScript & XSS
      • SSRF
      • XXE
      • PHP
    • Password Attacks
      • Brute Forcing
      • Mimikatz
      • Password Cracking
      • Hash Extraction
      • Wordlist Generation
    • Databases
      • SQL
      • Mongodb
    • Microsoft Windows Exploits
      • Enumeration
      • Powershell
      • Cmd
      • Privilege Escalation
      • Active Directory
      • Bloodhound
    • Social Engineering
    • Netcat & Socat
    • File Transfers
    • Metasploit
      • Writing Modules
    • PS Empire
    • Priv Escalation
    • Post Exploitation
    • Pivoting
    • Certs and Secrets
    • NGROK
    • Misc.
  • 🛡️Defensive
    • Defensive Notes
    • Windows Forensics
      • Program Execution Artifacts
      • ASEP Locations
      • Event Logs
    • Linux Forensics
    • Network Forensics
      • tshark
      • Wireshark Filters
    • Memory Forensics
    • Stego
    • Malware Analysis
    • Volatility
  • 🌩️Cloud
    • Scope and Shared Responsibility
    • AWS CLI
    • Azure CLI
    • SaaS Attacks
    • PaaS
  • ⌨️Programming
    • Programming Notes
    • Examples and Quick Scripts
    • PowerShell
    • Pwn
      • Windows Pwn
    • Python
      • Basic Python
      • Modules
      • Working with Files
      • Networking
      • Attack Related
      • Scapy
        • Using Scapy
        • Reading PCAP
    • C
      • Code Examples
      • GDB
    • PHP
Powered by GitBook
On this page
  • Tips and Tricks for Custom Wordlists
  • Create hashcat wordlist

Was this helpful?

  1. Offensive
  2. Password Attacks

Wordlist Generation

Generate with cewl to scrape words from a site or page, also has specific parameters to keep special characters and numbers.

Pay close attention to a specific pattern identified through previous challenges. What the the local sports teams? Known high schools or other popular items in the local area?

Add mangling rules to put special characters at the front and end of the word.

.\hashcat.exe -a 0 -m 500 -O -w 4 -r .\rules\dive.rule c5.hashes

Tips and Tricks for Custom Wordlists

Create all as lowercase, then can move to toggle capitalization with rules

Run the following in lines

Create hashcat wordlist

We can create wordlists using the hashcat rules to accelerate some analysis or use to push on some additional attack methods

 .\hashcat.exe  D:\ctfs\fruits.txt -r .\rules\d3ad0ne.rule --stdout > deadlist.txt
PreviousHash ExtractionNextDatabases

Last updated 3 years ago

Was this helpful?

⚔️