CeWL

Custom Wordlist Generator

📝 CeWL क्या है?

CeWL (Custom Word List) एक Ruby-based tool है जो website से words scrape करके custom password wordlist generate करता है। यह target website के content, headings, और text को analyze करता है।

👉 Target-specific wordlists बनाने के लिए perfect tool — generic wordlists से better results मिलते हैं।

🔑 CeWL क्या-क्या कर सकता है

Word Scraping

Website से words collect करना

Meta Data

Email addresses और URLs extract

Custom Length

Minimum password length set करना

Depth Control

Website crawl depth adjust करना

With Numbers

Words के साथ numbers add करना

HTTP Auth

Login protected sites पर attack

⚙️ Kali NetHunter / Termux में CeWL install

RubyInstallation Commands

Install Ruby (if not installed)

apt install ruby

Install CeWL gem

gem install cewl

Verify Installation

cewl --help

💻 Basic Commands (Use)

👉 Commands को एक-एक करके use कर सकते हो:

Basic Wordlist Generation

cewl https://example.com -w wordlist.txt

Set Minimum Word Length

cewl https://example.com -w wordlist.txt -m 6

Include Email Addresses

cewl https://example.com -w wordlist.txt -e

Add Numbers to Words

cewl https://example.com -w wordlist.txt --with-numbers

Set Crawl Depth

cewl https://example.com -w wordlist.txt -d 2

🌐 Real Example (Practical समझ)

Example🎯 Custom Wordlist for Target Company
cewl https://targetcompany.com -w company_wordlist.txt -m 8 -d 2

👉 यह target website से relevant words collect करके wordlist बनाएगा

📊 Output समझो

Generated wordlist (company_wordlist.txt) में कुछ ऐसे words होंगे:

targetcompany
management
technology
development
enterprise
services
solutions
innovation
analytics
platform

🧠 इसका मतलब:

Target-specific

Relevant Words

Company के business से related words

Better Results

Higher Success Rate

Generic wordlists से better results मिलते हैं

Hydra/John

Ready to Use

Hydra या John the Ripper में directly use कर सकते हो

👉 इस wordlist का use:

  • hydra -L users.txt -P company_wordlist.txt target ssh
  • john --wordlist=company_wordlist.txt hashes.txt
  • hashcat -m 0 -a 0 hashes.txt company_wordlist.txt

🔥 Advanced Options

With HTTP Authentication

cewl https://protected-site.com -w wordlist.txt -a username:password

Output Word Frequency

cewl https://example.com -w wordlist.txt --count

Write Email Addresses Separately

cewl https://example.com -w wordlist.txt --email_file emails.txt

Uppercase Words Option

cewl https://example.com -w wordlist.txt --uppercase

👉 यह advanced options आपको more control देते हैं → wordlist quality बढ़ती है

⚠️ Important Warning

बिना permission किसी भी website को scrape करना ethical नहीं है

Practice के लिए use करो:

  • Open public websites (Wikipedia, etc.)
  • अपने own websites या blogs
  • Authorized penetration testing targets

⚡ Rate Limiting: बहुत fast scraping से IP block हो सकती है। Use responsibly!

🧩 Related Tools

Hydra

Online password attacks

John the Ripper

Offline password cracking

Hashcat

GPU-based hash cracking

Crunch

Pattern-based generator

💡 Simple समझ

CeWL = "Custom Password Dictionary Maker"

यह target website के content को read करके uske language में password list बनाता है — generic list की जगह personal होती है।