Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
In this lab, Subject Matter Expert Dean Pompilio demonstrates Cewl, a simple and useful tool for generating word lists for use with a password cracking tool. Cewl is built into Kali, or it can be downloaded and run from other UNIX systems. SME Pompilio gives an example of how a Social Engineer would use Cewl's spidering process to generate a word list for password cracking and how the output is evaluated. You will learn to
- run the program
- examine the Help function
- understand the various options in Cewl
- specify the spidering depth
- specify word length
- specify an output file
- specify a proxy
- determine whether to use the offsite parameter
- search for metadata and save to a file
- search for email addresses and save to a file
The large number of words (13,325) and email addresses (82) discovered by the process run in the example can be used with a password cracking tool, and those results will be used in your Social Engineering audit.