The Latest in IT Security

How to automate a custom password dictionary for your pen test

22
Apr
2016

Numbers on computer screen. Macro photography with visible pixels and shallow depth of field.

When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. Another problem comes from popular tools, many of which are challenging to customize.

The OWASP Basic Expression & Lexicon Variation Algorithms Project (pyOwaspBELVA) is a custom dictionary builder that enables the user to import data from proxies such as ZAP and Burp, substitute letters/numbers/special characters, apply policies to select and remove words, as well as write plugins for extendability. The app also allows the pen tester to create a custom username-based on policy.

Related posts:
  1. Password Best Practices
  2. IOS: Let Me Truncate That Password For You.
  3. Website Implements Password-Free Authentication
  4. Is your password weak?
  5. Google+ expands custom URLs to more people, commoners included

Read More

Tags:  
Written by Feedproxy
0 Comments

Leave a reply


Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments