Wordlists and Shell on KALI and 3^rd party

 

Use “tree” command to list the directories

 

Web-Shells

cd /usr/share/webshells

è Asp  aspx  cfm  jsp  laudanum  perl  php

Laudanum is  collection of injectable files – recommended!

 

Wordlists

cd /usr/share/seclists

cd /usr/share/wordlists (link to seclists here too and others)

 

Best wordlists for scenarios:

Directory searches: /seclist/Discovery/Web-Content/directory-list-lowercase-2.3-xxxx.txt

Directory searches: /seclist/Discovery/Web-Content/common.txt

(may need to try different size wordlists on CTFs)

Sub-domains: /seclists/Discovery/DNS/subdomains-top1million-5000.txt

Generic: rockyou.txt

PHP: /seclists/Discovery/Web-Content/PHP.fuzz.txt

CMS: /seclists/Discovery/Web-Content/CMS (various text files here)

Tomcat: /seclists/Discovery/Web-Content/ApacheTomcat.fuzz.txt

(also apache.txt – but these are missing ‘/’)

 

Fuzzing:

/SecLists/Fuzzing – various directories (SQLi, XSS, LFI)

-         Text files: LDAP (various), extensions-most-common, char.txt

 

Usernames:

/Seclists/Usernames/top-usernames-shortlists.txt

-         Directory: Names – names.txt

 

Default Credentials:

/SecLists/Passwords/  - various directories (Leaked Databases, Default Credentials)

-         Text files: 500-worst-passwords.txt, darkweb2017-topxxxx.txt, PHP-Magic-Hashes.txt

 

Custom wordlists:

Use Hashcat or John – rules based

Using cewl

 

Online Wordlists Websites:

https://wordlists.assetnote.io/