Allow dnsbrute to accept a list of wordlists

[SpamFaux]

Summary

• The wordlist option on dnsbrute now accepts either a single URL/path (existing behavior) or a list of URLs/paths
• Multiple wordlists are fetched, merged, and deduplicated into a single set before brute-forcing begins
• Fully backward-compatible — single-string configs are unchanged

Motivation

Users with custom subdomain wordlists previously had to choose between the default SecLists wordlist and their own. There was no way to supplement the default without replacing it entirely. With this change, a preset can specify both:

config:
  modules:
    dnsbrute:
      wordlist:
        - https://raw.githubusercontent.com/danielmiessler/SecLists/master/Discovery/DNS/subdomains-top1million-5000.txt
        - /path/to/custom-wordlist.txt

Test plan

• Existing TestDnsbrute and TestDnsbruteCanaryCheck tests pass (no regression)
• New TestDnsbruteMultiWordlist test verifies merged wordlist size, correct deduplication of overlapping entries, and end-to-end discovery of a subdomain sourced from the second wordlist

[github-actions]

📊 Performance Benchmark Report

Comparing dev (baseline) vs feature/dnsbrute-multi-wordlist (current)

📈 Detailed Results (All Benchmarks)

📋 Complete results for all benchmarks - includes both significant and insignificant changes

🧪 Test Name	📏 Base	📏 Current	📈 Change	🎯 Status
Bloom Filter Dns Mutation Tracking Performance	4.47ms	4.36ms	-2.3% ⚪	✅
Bloom Filter Large Scale Dns Brute Force	19.66ms	18.54ms	-5.7% ⚪	✅
Large Closest Match Lookup	359.37ms	358.03ms	-0.4% ⚪	✅
Realistic Closest Match Workload	194.86ms	190.10ms	-2.4% ⚪	✅
Event Memory Medium Scan	1784 B/event	1781 B/event	-0.2% ⚪	✅
Event Memory Large Scan	1768 B/event	1768 B/event	+0.0% ⚪	✅
Event Validation Full Scan Startup Small Batch	416.45ms	416.60ms	+0.0% ⚪	✅
Event Validation Full Scan Startup Large Batch	577.94ms	593.92ms	+2.8% ⚪	✅
Make Event Autodetection Small	31.22ms	31.37ms	+0.5% ⚪	✅
Make Event Autodetection Large	321.25ms	322.80ms	+0.5% ⚪	✅
Make Event Explicit Types	14.03ms	14.19ms	+1.1% ⚪	✅
Excavate Single Thread Small	4.061s	4.125s	+1.6% ⚪	✅
Excavate Single Thread Large	9.572s	9.607s	+0.4% ⚪	✅
Excavate Parallel Tasks Small	4.238s	4.262s	+0.6% ⚪	✅
Excavate Parallel Tasks Large	6.653s	7.376s	+10.9% 🟡🟡	⚠️
Is Ip Performance	3.25ms	3.26ms	+0.3% ⚪	✅
Make Ip Type Performance	11.83ms	11.73ms	-0.8% ⚪	✅
Mixed Ip Operations	4.64ms	4.60ms	-0.8% ⚪	✅
Memory Use Web Crawl	678.4 MB	42.5 MB	-93.7% 🟢🟢🟢	🚀
Memory Use Subdomain Enum	33.3 MB	19.3 MB	-42.0% 🟢🟢🟢	🚀
Scan Throughput 100	4.682s	7.988s	+70.6% 🔴🔴🔴	⚠️
Scan Throughput 1000	36.556s	42.031s	+15.0% 🟡🟡	⚠️
Typical Queue Shuffle	65.78µs	65.07µs	-1.1% ⚪	✅
Priority Queue Shuffle	748.84µs	744.46µs	-0.6% ⚪	✅

🎯 Performance Summary

+ 2 improvements 🚀
! 3 regressions ⚠️
  19 unchanged ✅

🔍 Significant Changes (>10%)

• Excavate Parallel Tasks Large: 10.9% 🐌 slower
• Memory Use Web Crawl: 93.7% 🚀 less memory
• Memory Use Subdomain Enum: 42.0% 🚀 less memory
• Scan Throughput 100: 70.6% 🐌 slower
• Scan Throughput 1000: 15.0% 🐌 slower

---

🐍 Python Version 3.11.15