Wordlists
BLACKBIRD’s Fuzzer supports two types of wordlists: managed and custom (private) wordlists.
Wordlists
BLACKBIRD’s Fuzzer supports two types of wordlists: managed and custom (private) wordlists. Managed wordlists are curated, tested, and maintained by our security team, while custom wordlists allow you to upload and use your specialized lists for targeted scanning.
What Is A Managed or Custom Wordlist?
Managed wordlists
Managed wordlists are already pre-configured wordlist files that are regularly updated and maintained by us. These wordlist files are categorized and also available to all customers.
You can use the Fuzzer with a managed wordlist without having to create or upload your wordlist.
Custom wordlists
Custom wordlists are customer-uploaded wordlists and are private by default. Only you (the uploader) can access it and use it with BLACKBIRD’s advanced Fuzzer tool.
Use Cases
Custom wordlists with the advanced Fuzzer open endless possibilities for you as a penetration tester:
- Targeted Bruteforcing: You can generate custom wordlists specifically for your target based on technologies and common keywords to yield more accurate results when bruteforcing.
- Virtual Host (VHOST) Enumeration: You can upload wordlists with hostnames to fuzz for virtual hosts.
- Input Parameter Discovery: You may upload wordlists with common parameter names to discover unreferenced input parameters accepted by certain endpoints or application routes.
- Live Host Enumeration: You may upload a wordlist with subdomains and fuzz for live hosts.
Uploading a Custom Wordlist File
Click here to learn more about how to upload a custom wordlist file.
Using a Wordlist
To use a wordlist file, navigate to your Fuzzing tool. Finally, simply select your wordlist file(s) from the list and the scanner will take care of the rest for you!
Wordlists are only available to BLACKBIRD’s Fuzzer.
Was this page helpful?