gwen001
commented
5 months ago Issue correctly handled, tool is waiting for human validation.
Closed gwen001 closed 4 months ago
gwen001
commented
5 months ago Issue correctly handled, tool is waiting for human validation.
gwen001
commented
4 months ago Tool has been accepted by the team: https://offsec.tools/tool/burp-wordlist-generator
Thank you for your contribution!
[tags]burpsuite,wordlists[/tags] [short_descr]Generates wordlists from the Burp sitemap.[/short_descr] [link] https://github.com/ldcvanderpoel/Burp-Wordlist-Generator [/link] [long_descr] Everyone in offensive cyber security (pentesting/bug bounty) uses the same wordlists (SecLists, WFuzz, Assetnode, etc.). Creating your own custom wordlists is necessary to differentiate yourself from hordes of automated scanners. This Burp extension extracts various kinds of data (path, parameter keys, parameter values, subdomains, etc.) from the Burp sitemap and stores this in respective wordlist files. These wordlists can then be used for directory/dns/parameter brute-forcing.
Currently, the following types of data are collected:
Data is only collected from the following parameter types. Parameters from cookies, multipart forms, and XML attributes are ignored.
Only in-scope data is collected. Only unique entries are stored (per project). Either select the entire sitemap, only process the selected endpoints. [/long_descr] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/e4107b963734162f71d26349dbfd444c.png [/image]