4. CeWL
Description:
CeWL (Custom Word List generator) is a web crawler that builds custom wordlists by extracting words from a target website. This is useful for targeted password attacks, because passwords are often based on terms that appear on the target’s own website.
Examples:
- Generate Wordlist from a Website:
- cewl http://example.com -w wordlist.txt
Explanation: Crawls http://example.com and writes the unique words it finds to wordlist.txt (-w flag). With no other options, CeWL follows links to a depth of 2 and keeps only words of at least 3 characters.
- Specify Minimum Word Length:
- cewl http://example.com -m 5 -w wordlist.txt
Explanation: Generates a wordlist containing only words of at least 5 characters in length.
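If a wordlist has already been generated and a longer minimum length is wanted, the same kind of filtering can be applied afterwards without crawling the site again. The following is a minimal sketch, not part of CeWL itself: the function name filter_min_length and the file name wordlist_8plus.txt are hypothetical, and it assumes one word per line.

```shell
#!/bin/bash
# Hypothetical helper (not a CeWL feature): keep only lines that are
# at least MIN characters long. Reads a wordlist on stdin and writes
# the filtered list to stdout. MIN defaults to 5 if not given.
filter_min_length() {
    local min="${1:-5}"
    awk -v min="$min" 'length($0) >= min'
}

# Example usage (file names are assumptions):
#   filter_min_length 8 < wordlist.txt > wordlist_8plus.txt
```

This mirrors what -m does at crawl time, so it is mainly useful for trimming an existing list.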
- Include Email Addresses:
- cewl http://example.com -e
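Explanation: The -e flag adds email addresses found on the target website to the output, alongside the wordlist. Because no -w file is given, the results are printed to standard output.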
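Since the output of a run with -e mixes words and email addresses, it can help to pull the addresses out into their own list. The following is a rough sketch under stated assumptions: extract_emails is a hypothetical helper, and the regular expression is a simple approximation of an email address rather than a full validator.

```shell
#!/bin/bash
# Hypothetical helper: extract email-like strings from mixed text on
# stdin, lowercase them, and print each address once (sorted).
# The pattern is a deliberate simplification, not an RFC-complete check.
extract_emails() {
    grep -Eio '[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,}' \
        | tr '[:upper:]' '[:lower:]' \
        | sort -u
}

# Example usage (file names are assumptions):
#   extract_emails < cewl_output.txt > emails_only.txt
```

Lowercasing before sort -u means the same address written with different capitalization is only listed once.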
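A script to use with this tool:
The script reads a list of domains, one per line, from a text file named domains.txt and runs CeWL against each one. All results are appended to a text file whose name starts with emails_ followed by a date and time stamp. Because -e adds email addresses alongside the wordlist, the output file contains the extracted words as well as the addresses.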
#!/bin/bash
# Input file containing one domain per line
DOMAINS_FILE="domains.txt"
# Output file named with the current date and time
OUTPUT_FILE="emails_$(date +'%Y-%m-%d_%H-%M-%S').txt"
# Check that the domains file exists
if [[ ! -f "$DOMAINS_FILE" ]]; then
    echo "Error: $DOMAINS_FILE not found!" >&2
    exit 1
fi
# Create the output file, or empty it if it already exists
: > "$OUTPUT_FILE"
# Loop through each domain; the extra test handles a last line with no trailing newline
while IFS= read -r domain || [[ -n "$domain" ]]; do
    # Skip blank lines
    [[ -z "$domain" ]] && continue
    echo "Processing domain: $domain"
    # Run CeWL (depth 2, minimum word length 5, include emails, verbose)
    # and append the results to the output file
    cewl -d 2 -m 5 -e -v "https://$domain" >> "$OUTPUT_FILE"
    # Add a separator between domains
    echo "-----------------------------" >> "$OUTPUT_FILE"
done < "$DOMAINS_FILE"
echo "Email harvesting complete. Results saved in $OUTPUT_FILE"
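The script prepends https:// to every line of domains.txt, so entries that already include a scheme or a path, or that are blank or commented out, would produce bad URLs. One possible way to tidy the list beforehand is sketched below. The function clean_domains and the file raw_domains.txt are hypothetical names, and treating lines that start with # as comments is an assumption about how the list is maintained.

```shell
#!/bin/bash
# Hypothetical helper: normalize a raw domain list read from stdin.
#  - removes carriage returns and surrounding whitespace
#  - strips a leading scheme such as http:// or https://
#  - strips any path after the host name
#  - drops blank lines and lines starting with '#'
#  - lowercases and de-duplicates the result
clean_domains() {
    tr -d '\r' \
        | sed -E -e 's/^[[:space:]]+//' -e 's/[[:space:]]+$//' \
                 -e 's#^[a-zA-Z]+://##' -e 's#/.*$##' \
        | grep -Ev '^(#|$)' \
        | tr '[:upper:]' '[:lower:]' \
        | sort -u
}

# Example usage (raw_domains.txt is an assumed file name):
#   clean_domains < raw_domains.txt > domains.txt
```

De-duplicating up front also avoids crawling the same site twice when the list was assembled from several sources.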