Wordsmith

LSE toolsLSE toolsWordsmith (409)Wordsmith (409)

Tool and Usage

Project details

License
MIT
Programming language
Ruby
Authors
Sanjiv Kawa
Tom Porter
Latest release
2.1.1
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

The primary aim of Wordsmith is to create custom wordlists for security assessments. Wordsmith will create lists with a specific focus on geolocation. The words are based on names of countries, cities, colleges, zip codes, and even sports teams. The generated list can then be used to guess usernames or passwords.

How it works

Wordsmith uses a compressed archive file data.tar.xz on the first run and extracts that into a 'data' directory. This dataset contains the input for the word generation process. This process itself is influenced by the given parameters. The parameters will define what types of data to include, like a city name, sports team, or zip code. Depending on your use-case, you might want to use different wordlists. This is especially when doing a security assessment where you expect users to use weak passwords in their native language.

Usage and audience

Wordsmith is commonly used for wordlist generation. Target users for this tool are auditors and pentesters.

Features

  • Command line interface

Example usage and output

$ ruby wordsmith.rb
wordsmith v2.1.1
Written by: Sanjiv Kawa (@kawabungah) & Tom Porter (@porterhau5)

Usage: ruby wordsmith.rb [options]
Main Arguments:
-I, --input <input> Comma-delimited list of inputs, see -E for examples and detailed usage
Input Options:
-a, --all Grab all options
-b, --other Grab other miscellaneous attributes
-e, --cia Grab demographics compiled by the CIA
-c, --cities Grab all city names
-f, --colleges Grab all college sports
-l, --landmarks Grab all landmarks
-v, --language Grab the most popular language(s)
-N, --all-names Grab all first names and last names
-G, --first-names Grab all first names
-L, --last-names Grab all last names
-p, --phone Grab all area codes
-r, --roads Grab all road names
-g, --religion Grab the most popular religious text(s)
-t, --teams Grab all major sports teams
-u, --counties Grab all counties
-z, --zip Grab all zip codes
--lands Grab all land features
--places Grab all populated places
--structures Grab all structures/buildings
--waters Grab all water/island features

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + Very low number of dependencies
  • + The source code of this software is available

Author and Maintainers

Wordsmith is under development by Sanjiv Kawa, Tom Porter.

Installation

Supported operating systems

Wordsmith is known to work on Linux.

Wordsmith alternatives

Similar tools to Wordsmith:

60

Hash Buster

Hash Buster is a tool that may help to find the cleartext of a hash. This can be useful for hashed versions of common strings and passwords and find the original value. Hash Buster can automatically detect the provided hash type. It supports MD5, SHA1, and SHA2.

64

MalPipe

MalPipe is a modular malware and indicator collection and processing framework. It is designed to pull information about malware, domains, URLs, and IP addresses from multiple feeds. Finally, it will enrich the collected data and export the results.

All Wordsmith alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a data enrichment tool and wordlist generator.

Related topics