Day 92/100 Hack and Improvement

Day 92 comes with some readings on CWFF to make custom wordlists.

CWFF to Make Custom Wordlists

From Sam (CoffeeJunkie). Karim Shoair recently released his tool that would make the job of making custom wordlists for different targets much easier at first glance. I gave it a short yesterday with pretty good results on some of the desired endpoints where I wanted to test. You can find the following options with the tool.

CWFF [-h] [--threads] [--github] [--subdomains] [--recursive] [--js-libraries] [--connected-websites] [--juicy-files] [--use-filter-model] [-o] domain

positional arguments:
  domain                Target website(ofc)

optional arguments:
  -h, --help            Show this help message and exit
  --threads             The number of maximum concurrent threads to use (Default:1000)
  --github              Collect endpoints from a given github repo (ex:https://github.com/google/flax)
  --subdomains          Extract endpoints from subdomains also while search in the wayback machine!
  --recursive           Work on extracted endpoints recursively (Adds more endpoints but less accurate sometimes)!
  --js-libraries        Extract endpoints from JS libraries also, not just the JS written by them!
  --connected-websites  Include endpoints extracted from connected websites
  --juicy-files         Include endpoints extracted from juicy files like sitemap.xml and robots.txt
  --use-filter-model    Filter result endpoints with filter_model file
  -o                    The output directory for the endpoints and parameters. (Default: website name)

If you want to give it a shot, you can get the tool here

via GIPHY