Wordlists with crunch

Crunch is very nice, fast and and well configurable wordlist generator. You can specify character sets and generate wordlists in all possible combinations.

Conditions:

  • Linux/Mac OS X with C compiler and make

For Mac OS X users, just install the Command Line Tools.

Steps:

Download the latest source from SourceForge.net, unzip and compile.

After create the crunch executable you can start to create wordlist files

Examples:

The first example create the wordlist direct in terminal. All words contain 5 letters with chars “a”, “b” and “c”.

The next example create the wordlist into the file (mylist.txt) with 5 numbers of 0 to 9.

Now it should create words with different length from 1 to 3 and mix of chars (A,B,C) and numbers (1,2,3).

There is more, crunch include permutation and defined charsets.

It is possible to use placeholder (like: @ , % and ^), to define the target size of files and compression. You can create wordlists for IBAN, telephone numbers, e-mails and many more. Read the man page of crunch!!!

  • @ will insert lower case characters
  • , will insert upper case characters
  • % will insert numbers
  • ^ will insert symbols

Last comment:

Please be carefully with generated file size!!!

Command line banner grabbing

For security audit, banner grabbing is one of the first activities to determine information about services on a remote computer. This article describe some very simple methods for command line banner grabbing without nmap.

telnet

netcat

curl

-I for fetch only HTTP-header

wget

-q for turn off Wget’s output. -S for print the headers

Create PDF documentation on the fly

In software development, testers need to create a lot of documentation. Mac users can create very comfortable the documentation in PDF.

manpage to PDF

Text to PDF

Image to PDF

Command’s to PDF

Many test steps would be carried out via command line and again later documented. This takes a lot of time and can lead to errors in documentations.

PostScript to PDF

Create test files on the fly

In many cases test files are needed for software tester. Partially with specified file size. With a small set of commands, it is very easy to create these files. In order to check the generated file(s), you can use the following:

Perl:

mkfile:

dd:

base64: