{"id":224,"date":"2021-04-25T03:27:51","date_gmt":"2021-04-25T03:27:51","guid":{"rendered":"https:\/\/sirensecurity.io\/blog\/?p=224"},"modified":"2021-07-15T03:04:31","modified_gmt":"2021-07-15T03:04:31","slug":"thats-pretty-cewl","status":"publish","type":"post","link":"https:\/\/sirensecurity.io\/blog\/thats-pretty-cewl\/","title":{"rendered":"That's Pretty Cewl."},"content":{"rendered":"\n<div class=\"wp-block-cover has-background-dim\"><img loading=\"lazy\" decoding=\"async\" width=\"2268\" height=\"1512\" class=\"wp-block-cover__image-background wp-image-90\" alt=\"\" src=\"https:\/\/sirensecurity.io\/blog\/wp-content\/uploads\/2021\/04\/4.jpg\" data-object-fit=\"cover\"\/><div class=\"wp-block-cover__inner-container is-layout-flow wp-block-cover-is-layout-flow\">\n<p class=\"has-vivid-red-color has-text-color\">S1REN<\/p>\n\n\n\n<p class=\"has-text-align-center has-large-font-size\">That's pretty cewl.<\/p>\n<\/div><\/div>\n\n\n\n<p><strong>Custom Content?<\/strong> <em>Custom Wordlist!<\/em><br>Cewl is cewl.<br><br><strong>Kali Website:<\/strong><br>+ https:\/\/tools.kali.org\/password-attacks\/cewl<\/p>\n\n\n\n<p>root@kali:~#<strong> cewl<\/strong> <strong>--help<\/strong><br>CeWL 5.4.3 (Arkanoid) Robin Wood (robin@digi.ninja) (https:\/\/digi.ninja\/)<br>Usage: cewl [OPTIONS] ... &lt;url&gt;<\/p>\n\n\n\n<p>&nbsp; &nbsp; OPTIONS:<br>&nbsp; &nbsp; -h, --help: Show help.<br>&nbsp; &nbsp; -k, --keep: Keep the downloaded file.<br>&nbsp; &nbsp; -d &lt;x&gt;,--depth &lt;x&gt;: Depth to spider to, default 2.<br>&nbsp; &nbsp; -m, --min_word_length: Minimum word length, default 3.<br>&nbsp; &nbsp; -o, --offsite: Let the spider visit other sites.<br>&nbsp; &nbsp; -w, --write: Write the output to the file.<br>&nbsp; &nbsp; -u, --ua &lt;agent&gt;: User agent to send.<br>&nbsp; &nbsp; -n, --no-words: Don't output the wordlist.<br>&nbsp; &nbsp; --with-numbers: Accept words with numbers in as well as just letters<br>&nbsp; &nbsp; -a, --meta: include meta data.<br>&nbsp; &nbsp; --meta_file file: Output file for meta data.<br>&nbsp; &nbsp; -e, --email: Include email addresses.<br>&nbsp; &nbsp; --email_file &lt;file&gt;: Output file for email addresses.<br>&nbsp; &nbsp; --meta-temp-dir &lt;dir&gt;: The temporary directory used by exiftool when parsing files, default \/tmp.<br>&nbsp; &nbsp; -c, --count: Show the count for each word found.<br>&nbsp; &nbsp; -v, --verbose: Verbose.<br>&nbsp; &nbsp; --debug: Extra debug information.<br><br>&nbsp; &nbsp; Authentication<br>&nbsp; &nbsp; --auth_type: Digest or basic.<br>&nbsp; &nbsp; --auth_user: Authentication username.<br>&nbsp; &nbsp; --auth_pass: Authentication password.<br><br>&nbsp; &nbsp; Proxy Support<br>&nbsp; &nbsp; --proxy_host: Proxy host.<br>&nbsp; &nbsp; --proxy_port: Proxy port, default 8080.<br>&nbsp; &nbsp; --proxy_username: Username for proxy, if required.<br>&nbsp; &nbsp; --proxy_password: Password for proxy, if required.<br><br>&nbsp; &nbsp; Headers<br>&nbsp; &nbsp; --header, -H: In format name:value - can pass multiple.<br><br>&nbsp; &nbsp; &lt;url&gt;: The site to spider.<\/p>\n\n\n\n<p><strong>Example - Custom Wordlist:<\/strong><br>$ <strong>cewl<\/strong> <strong>-d<\/strong> 2 <strong>-m<\/strong> 5 <strong>-w<\/strong> \/directory\/thatsCewl.txt https:\/\/exampledomain.com\/<br><strong>-d<\/strong> &lt;x&gt;,--depth &lt;x&gt;: <em><span style=\"text-decoration: underline;\">Depth to spider<\/span><\/em> to, default 2.<br><strong>-m<\/strong>, --min_word_length: <em><span style=\"text-decoration: underline;\">Minimum word length<\/span><\/em>, default 3.<br><strong>-w<\/strong>, --write: Write the <em><span style=\"text-decoration: underline;\">output to the file<\/span>.<\/em><\/p>\n\n\n\n<p><br>I pretty much think to use this whenever I see custom content. An understanding of password policy combined with password manipulations tools is <em>very powerful<\/em>.<br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Custom Content? Custom Wordlist!Cewl is cewl. Kali Website:+ https:\/\/tools.kali.org\/password-attacks\/cewl root@kali:~# cewl --helpCeWL 5.4.3 (Arkanoid) Robin Wood (robin@digi.ninja) (https:\/\/digi.ninja\/)Usage: cewl [OPTIONS] ... &lt;url&gt; &nbsp; &nbsp; OPTIONS:&nbsp; &nbsp; -h, --help: Show help.&nbsp; &nbsp; -k, --keep: Keep the downloaded file.&nbsp; &nbsp; -d &lt;x&gt;,--depth &lt;x&gt;: Depth to spider to, default 2.&nbsp; &nbsp; -m, --min_word_length: Minimum word length, default 3.&nbsp; [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":90,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[15,19,18,17,12,4,16],"class_list":["post-224","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-s1ren","tag-cewl","tag-custom-list","tag-custom-wordlist","tag-kali-linux","tag-pentest","tag-s1ren","tag-tool"],"_links":{"self":[{"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/posts\/224","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/comments?post=224"}],"version-history":[{"count":2,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/posts\/224\/revisions"}],"predecessor-version":[{"id":420,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/posts\/224\/revisions\/420"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/media\/90"}],"wp:attachment":[{"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/media?parent=224"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/categories?post=224"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sirensecurity.io\/blog\/wp-json\/wp\/v2\/tags?post=224"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}