The Latest in IT Security

How to automate a custom password dictionary for your pen test

22
Apr
2016
How to automate a custom password dictionary for your pen test

Numbers on computer screen. Macro photography with visible pixels and shallow depth of field.

When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. Another problem comes from popular tools, many of which are challenging to customize.

The OWASP Basic Expression & Lexicon Variation Algorithms Project (pyOwaspBELVA) is a custom dictionary builder that enables the user to import data from proxies such as ZAP and Burp, substitute letters/numbers/special characters, apply policies to select and remove words, as well as write plugins for extendability. The app also allows the pen tester to create a custom username-based on policy.

Read More

Leave a reply


Categories

FRIDAY, DECEMBER 15, 2017

Featured

Archives

Latest Comments

Social Networks