Add wordlist category selection

README.md

@@ -103,6 +103,7 @@ Wordlists (IMPORTANT)
   - For wordlists without `%EXT%` (like [SecLists](https://github.com/danielmiessler/SecLists)), **-f | --force-extensions** switch is required to append extensions to every word in wordlist, as well as the `/`.
   - To apply your extensions to wordlist entries that have extensions already, use **-O** | **--overwrite-extensions** (Note: some extensions are excluded from being overwritted such as *.log*, *.json*, *.xml*, ... or media extensions like *.jpg*, *.png*)
   - To use multiple wordlists, you can separate your wordlists with commas. Example: `wordlist1.txt,wordlist2.txt`.
+  - Bundled wordlist categories live in `db/categories/` and can be selected with **--wordlist-categories**. Available: `extensions`, `conf`, `vcs`, `backups`, `db`, `logs`, `keys`, `web`, `common` (use `all` to include everything).
 
 <details>
 <summary><strong>Wordlist Examples (click to expand)</strong></summary>
@@ -187,6 +188,10 @@ Options:
     -w WORDLISTS, --wordlists=WORDLISTS
                         Wordlist files or directories contain wordlists
                         (separated by commas)
+    --wordlist-categories=CATEGORIES
+                        Comma-separated wordlist category names (e.g.
+                        common,conf,web). Use 'all' to include all bundled
+                        categories
     -e EXTENSIONS, --extensions=EXTENSIONS
                         Extension list separated by commas (e.g. php,asp)
     -f, --force-extensions

config.ini

@@ -40,6 +40,7 @@ capital = False
 #prefixes = .,admin
 #suffixes = ~,.bak
 #wordlists = /path/to/wordlist1.txt,/path/to/wordlist2.txt
+#wordlist-categories = common,conf,web
 
 [request]
 http-method = get

db/categories/backups.txt

@@ -1,31 +1,34 @@
 .backup
 .bak
-.bak_0.log
 .cc-ban.txt.bak
+.config.inc.php.swp
+.config.php.swp
+.configuration.php.swp
+.htaccess.BAK
 .htaccess.bak
-.htaccess.bak1
 .htaccess.old
+.htaccess.orig
 .htaccess~
 .htpasswd.bak
 .index.php.swp
+.keys.yml.swp
 .localsettings.php.swp
 .old
-.oldsnippets
-.oldstatic
 .settings.php.swp
 .ssh/id_rsa.key~
 .ssh/id_rsa.priv~
 .ssh/id_rsa.pub~
 .ssh/id_rsa~
 .ssh/know_hosts~
+.swo
 .swp
+.travis.yml.swp
+.travis.yml~
 .wp-config.php.swp
 .wp-config.swp
 admin.old
-admin/includes/configure.php~
 admin2.old
-admin2.old/
-archi~1/
+app/etc/local.xml.bak
 backup.inc.old
 backup.old
 backup.sql.old
@@ -43,144 +46,63 @@ conf.php.bak
 conf.php.old
 conf.php.swp
 conf.swp
-config.bak
-config.inc.bak
-config.inc.old
-config.inc.php~
-config.inc~
-config.json.bak
-config.local.php~
-config.old
-config.php.bak
-config.php.inc~
-config.php.old
-config.php.swp
-config.php~
-config.swp
-configuration.inc.php~
-configuration.php.bak
-configuration.php.old
-configuration.php.swp
-configuration.php~
-configuration.swp
-configuration~
-configure.php.bak
-config~
+config/database.yml~
 conf~
+database.yml~
 dump.inc.old
 dump.old
 dump.sql.old
-env.bak/
 Files/binder.backup
 global.asa.bak
 global.asa.old
+global.asa.orig
 global.asax.bak
 global.asax.old
+global.asax.orig
 htaccess.backup
 htaccess.bak
 htaccess.old
 htpasswd.bak
 htpasswd/htpasswd.bak
-includes/configure.php~
+httpd.conf.backup
 index.backup
 index.bak
 index.old
+index.orig
 index.php.bak
 index.php~
 index1.bak
 index2.bak
 index~
-index~1
 install.bak
-install~/
 local_conf.php.bak
 localsettings.php.bak
 localsettings.php.old
 localsettings.php.swp
 localsettings.php~
-m4/lt~obsolete.m4
 maintenance.flag.bak
 Makefile.old
 MANIFEST.bak
-Micros~1/
 Mkfile.old
 passwd.bak
+php.ini~
 phpini.bak
-phpMyAdmin.old/index.php
-progra~1
 sample.txt~
 secring.bak
 settings.php.bak
 settings.php.old
 settings.php.swp
 settings.php~
 Vagrantfile.backup
-venv.bak/
-WebSer~1
+web.config.bak
+web.config.old
 wp-config.bak
 wp-config.old
 wp-config.php.backup
 wp-config.php.bak
-wp-config.php.bak1
 wp-config.php.old
+wp-config.php.orig
+wp-config.php.original
+wp-config.php.swo
 wp-config.php.swp
 wp-config.php~
-~/
-~adm
-~admin
-~admin/
-~administrator
-~anonymous
-~apache
-~backup
-~bin
-~daemon
-~data
-~database
-~db
-~firewall
-~ftp
-~fw
-~fwadmin
-~fwuser
-~games
-~gdm
-~gopher
-~guest
-~halt
-~help
-~helpdesk
-~http
-~ident
-~lp
-~mail
-~mailnull
-~news
-~nobody
-~nscd
-~office
-~operator
-~pop
-~postmaster
-~reception
-~root
-~rpc
-~rpcuser
-~shutdown
-~sql
-~staff
-~sync
-~system
-~test
-~testuser
-~toor
-~user
-~user1
-~user2
-~user3
-~user4
-~user5
-~uucp
-~web
-~www
-~xfs