New Tool Released! CATANA - CUT your Wordlist!

Hello Dears,
I would like to share with all our community a tool that could be useful on HTB mostly during bruteforce attacks.

The tool is CATANA .

The idea of this simple bash tool is the reduction of time of bruteforce attacks according to the Password Policy we detected.

In general, carrying out a bruteforce attack on a login form by wordlists like rockyou.txt could require a lot of time due to the number of strings (currently 14M+ passwords).
In case you are able to infer or detect the Password Policy (i.e., by the registration form), you can use CATANA for “cutting” your wordlists and keeping only the passwords compliant to the Password Policy.

I would appreciate if you have some suggestions or contributions to improve this small project that could help infosec people to perform further tests on the generation of tokens.

Here the link to the GitHub repo:


really cool idea, definitely going to give this a look

1 Like

Wow that is a novel idea!! Good job mate!

1 Like

Nice and handy! added in toolbox

1 Like

thanks for sharing this tool with us,
will check him out and will let you know if there is any suggestions popping out of my head

1 Like