A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

Related tags

Security related resourceshackingwordlistcybersecurityinfosecinformation-securitywordlist-generatorcyber-securitywordlistscycurity
Overview

WISTER

 __          _______  _____ _______ ______ _____  
 \ \        / /_   _|/ ____|__   __|  ____|  __ \ 
  \ \  /\  / /  | | | (___    | |  | |__  | |__) |
   \ \/  \/ /   | |  \___ \   | |  |  __| |  _  / 
    \  /\  /   _| |_ ____) |  | |  | |____| | \ \ 
     \/  \/   |_____|_____/   |_|  |______|_|  \_\

                                     Cycurity

SUMMARY

A unique wordlist generator with several types of combinations to choose from, or to mix them all. Capable of receiving words from various sources and outputing them to different encoding types.

USAGE

usage: wister.py [-h] [-c [1-5] [[1-5] ...]] [-d [2-5]] [-e FORMAT] [-i FILE] [-l] [-m [0-49]] [-M [1,50]] [-o FILE] [-N] [-v] [-V] [-w WORDS [WORDS ...]]

options:
  -h, --help            show this help message and exit
  -c [1-5] [[1-5] ...], --combination [1-5] [[1-5] ...]
                        Select which types of combinations to use.
  -d [2-5], --depth [2-5]
                        Select the depth of word mixing when using combination mode 1. Default: 3
  -e FORMAT, --encode FORMAT
                        Encode/Hash the generated wordlist with a given algorithm
  -i FILE, --input FILE
                        Select the input file containing the words.
  -l, --list            List the types of combination.
  -m [0-49], --min [0-49]
                        Select minimum characters for output. Default: 0
  -M [1,50], --max [1,50]
                        Select maximum characters for output. Default: 20
  -o FILE, --output FILE
                        Specify the output file. Default: output.lst
  -N, --noprogress      Disables progress bar (increses performance)
  -v, --version         Returns the version of the program.
  -V, --verbose         Verbose the output.
  -w WORDS [WORDS ...], --words WORDS [WORDS ...]
                        Words to generate the output with.

INSTALLATION

The process to install Wister is as simple as cloning the repository to your local machine:

$ sudo apt-get install python3 python3-pip git
$ git clone -q https://github.com/cycurity/wister.git
$ cd wister

MANUAL

    To run the program, you need to pass at least a set of words, using an input file (-i or --input), or passing the words manually using the -w or --words tag. If no more options are passed, the program will just write the specified words to the default output file output.lst.

    There are 5 types of combinations that can be used (with -c or --combination) simultaneously : 1. Word Mix; 2. Case Alternate; 3. Homograph; 4. Reverser; 5. Saltify. To get more information about each type of combination, you should use the list argument (-l or --list). When using the first combination (Word Mix), you can also select the depth (-d / --depth) which will define the number of words being mixed together. By default, this value is set to 3.

    Addicionally, you can define the maximum generated word length (-M or --max) or the minimum number of characters required (-m or --min). By default, the minimum value is set to 0 and the max to 20.

    To specify the desired output file, you must use -o or --output, followed by the filename.

    The verbose option (-V / --verbose) will allow you to follow the generation of the wordlist, by printing the several steps of the program. When this option is enabled, the progress bar is disabled.

    Optionally, the generated wordlist can be encoded or hashed, using -e or --encode, with specific types of algorithms: MD5; Base64; Hexadecimal; URL Encode; SHA1; SHA2-256; SHA2-512; SHA3-256; SHA3-512.

    By default, the progress bar is enabled when verbose mode is not. You can also choose to disable it by using the -N or --noprogress flag. Disabling this feature will increase performance and decrease the overall execution time of the program.

    To print the current program version, use -v or --version.

    To get the usage and help page, use the -h flag or --help.

CREDITS

Development team:

LICENSE

Copyright (C) 2022, Cycurity

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

The software is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

Check out the GNU General Public License: http://www.gnu.org/licenses/

You might also like...
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains
NexScanner is a tool which allows you to scan a website and find the admin login panel and sub-domains

NexScanner NexScanner is a tool which helps you scan a website for sub-domains and also to find login pages in the website like the admin login panel

null 8 Sep 3, 2022
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan
ShoLister - a tool that collects all available subdomains for specific hostname or organization from Shodan

ShoLister is a tool that collects all available subdomains for specific hostname or organization from Shodan. The tool is designed to be used from Penetration Tester and Bug Bounty Hunters.

Eslam Akl 45 Dec 28, 2022
adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.
adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea

null 136 Jan 2, 2023
Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the context, origin of specific files during a digital forensic investigation.

hashlookup 96 Dec 20, 2022
Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses 🕵️
Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses 🕵️

Profil3r is an OSINT tool that allows you to find potential profiles of a person on social networks, as well as their email addresses. This program also alerts you to the presence of a data leak for the found emails.

null 1.1k Aug 24, 2021
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network
NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network

NIVOS is a hacking tool that allows you to scan deeply , crack wifi, see people on your network. It applies to all linux operating systems. And it is improving every day, new packages are added. Thank You For Using NIVOS : [NIVOS Created By NIVO Team]

Error 263 Jan 1, 2023
A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms

A malware to encrypt all the .txt and .jpg files in target computer using RSA algorithms. Change the Blackgound image of targets' computer. and decrypt the targets' encrypted files in our own computer

Li Ka Lok 2 Dec 2, 2022
This program will brute force any Instagram account you send it its way given a list of proxies.

Instagram Bruter This program will brute force any Instagram account you send it its way given a list of proxies. NOTICE I'm no longer maintaining thi

null 1 Nov 15, 2021
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.
Recon is a script to perform a full recon on a target with the main tools to search for vulnerabilities.

👑 Recon 👑 The step of recognizing a target in both Bug Bounties and Pentest can be very time-consuming. Thinking about it, I decided to create my ow

Dirso 171 Dec 31, 2022
Releases(v1.0.3)

  • v1.0.3(Aug 10, 2022)

    This release comes with the new PyPi packaging. The release is available for those who want to install the tool manually (instructions available at README.md).

    Source code(tar.gz)
    Source code(zip)

  • v1.0.2(Apr 19, 2022)

Owner
Cycurity
Cycurity
GitHub Repository
OMIGOD! OM I GOOD? A free scanner to detect VMs vulnerable to one of the

omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa

Marco Simioni 13 Jul 13, 2022
RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API.

RapiDAST RapiDAST provides a framework for continuous, proactive and fully automated dynamic scanning against web apps/API. Its core engine is OWASP Z

Red Hat Product Security 17 Nov 11, 2022
Password database With special stuff

This is a Password database I made for myself, as I want to keep all my passwords in the same place. but still protected, shall anyone get access to the file. And so I made this simple password datab

9 Oct 30, 2022
Separation of Mainlobes and Sidelobes in the Ultrasound Image Based on the Spatial Covariance (MIST) and Aperture-Domain Spectrum of Received Signals

Separation of Mainlobes and Sidelobes in the Ultrasound Image Based on the Spatial Covariance (MIST) and Aperture-Domain Spectrum of Received Signals

Rehman Ali 3 Jan 03, 2023
Polkit - Local Privilege Escalation (CVE-2021-3560)

CVE-2021-3560 Polkit - Local Privilege Escalation Original discovery by kevin_backhouse from GitHub Security Lab References https://github.blog/2021-0

Salman Asad 1 Nov 12, 2021
The Decompressoin tool for Vxworks MINIFS

MINIFS-Decompression The Decompression tool for Vxworks MINIFS filesystem. USAGE python minifs_decompression.py [target_firmware] The example of Mercu

8 Jan 03, 2023
Small python script to look for common vulnerabilities on SMTP server.

BrokenSMTP BrokenSMTP is a python3 BugBounty/Pentesting tool to look for common vulnerabilities on SMTP server. Supported Vulnerability : Spoofing - T

39 Dec 16, 2022
DNSSEQ: PowerDNS with FALCON Signature Scheme

PowerDNS-based proof-of-concept implementation of DNSSEC using the post-quantum FALCON signature scheme.

Nils Wisiol 4 Feb 03, 2022
🎻 Modularized exploit generation framework

Modularized exploit generation framework for x86_64 binaries Overview This project is still at early stage of development, so you might want to come b

ᴀᴇꜱᴏᴘʜᴏʀ 30 Jan 17, 2022
Monty Hall Problem simulation written in Python.

Monty Hall Problem Simulation monty_hall_sim is a brute-force method of determining the optimal strategy for the Monty Hall Problem. Usage Set boolean

Xavier D 1 Aug 29, 2022
Python implementation for PrintNightmare using standard Impacket.

PrintNightmare Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) using standard Impacket. Installtion $ pip3 install impacket

ollypwn 141 Dec 31, 2022
CVE-2021-44228 log4j 2.x rce漏洞检测工具

#1 使用说明 CVE-2021-44228 log4j 2.x rce漏洞检测工具,对目标链接发起get请求并利用dnslog探测是否有回显 $ python3 log4j-scan.py -h

CoCo ainrm- 4 Jan 13, 2022
Ensure secure infrastructure and consistency with the firewall rules

Python Port Scanner This script tries to check if it's possible to make a connection with the specific endpoint port. This is very useful to ensure se

Allan Avelar 7 Feb 26, 2022
A Python replicated exploit for Webmin 1.580 /file/show.cgi Remote Code Execution

CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C

John Hammond 25 Dec 08, 2022
Python low-interaction honeyclient

Thug The number of client-side attacks has grown significantly in the past few years shifting focus on poorly protected vulnerable clients. Just as th

Angelo Dell'Aera 896 Dec 19, 2022
Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers

Rouge Spammers with a mission to disrupt the peace of the valley ? Fear not we will STOMP the Spammers New Update : adding 'on-review' tag on an issue

A N U S H 13 Sep 19, 2021
Lightweight and beneficial Dependency Injection plugin for apscheduler

Implementation of dependency injection for apscheduler Prerequisites: apscheduler-di solves the problem since apscheduler doesn't support Dependency I

Glib 11 Dec 07, 2022
Python script that sends CVE-2021-44228 log4j payload requests to url list

scan4log4j Python script that sends CVE-2021-44228 log4j payload requests to url list [VERY BETA] using Supply your url list to urls.txt Put your payl

elyesa 5 Nov 09, 2022
CVE-2022-22963 PoC

CVE-2022-22963 CVE-2022-22963 PoC Slight modified for English translation and detection of https://github.com/chaosec2021/Spring-cloud-function-SpEL-R

Nicolas Krassas 104 Dec 08, 2022
On the 11/11/21 the apache 2.4.49-2.4.50 remote command execution POC has been published online and this is a loader so that you can mass exploit servers using this.

ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse

3 Dec 04, 2022