Choose the right wordlist according to technologies found

yogeshojha / rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

https://yogeshojha.github.io/rengine/

GNU General Public License v3.0

7.25k stars 1.1k forks source link

Choose the right wordlist according to technologies found #954

Open danzee1 opened 10 months ago

danzee1 commented 10 months ago

Hi,

As we know about SecLists. It should be downloaded along with the tool. Instead of letting blindly dirsearch. Dirsearch or other tool like ffuf should choose the relevant technology DIR search file from SecLists to do the directory research on a domain/subdomain.

For example, For a Wordpress subdomain, Rengine will direct the ffuf to choose the wordpress fuzz file from SecLists to do the dir searching.

Also, there is this Javascript recon strategy. Will be great to be implemented in the tool: https://gist.github.com/m4ll0k/31ce0505270e0a022410a50c8b6311ff

github-actions[bot] commented 10 months ago

👋 Hi @danzee1, Issues is only for reporting a bug/feature request. Please read documentation before raising an issue https://rengine.wiki For very limited support, questions, and discussions, please join reNgine Discord channel: https://discord.gg/azv6fzhNCE Please include all the requested and relevant information when opening a bug report. Improper reports will be closed without any response.

psyray commented 10 months ago

Hi, Good idea for wordlists part, hard to implement, feel free to work on it. And your link does not work