Skip to main content

Common User Passwords Profiler (CUPP) make wordlist

Common User Passwords Profiler (CUPP)
wordlist-generator wordlist dictionary-attack password password-strength weak-passwords
  • 63 commits
  • 2 branches
  • 0 packages
  • 0 releases
  • 8 contributors
    • @Mebus
    Mebus Rawsec inventoried
    Latest commit 986658d on 1 May 2019
    Type Name Latest commit message Commit time
    .gitignore tests for alectodb download and the cow last year
    .travis.yml Coverage last year
    CHANGELOG.md ran 2to3 on cupp.py to make it Python3 compatible last year
    LICENSE added CHANGELOG.md, moved LICENCE from docs/ to ./, deleted docs/ dir… 4 years ago
    README.md Rawsec inventoried 9 months ago
    cupp.cfg use HTTP instead of FTP last year
    cupp.py fix Leet mode, issue #33 10 months ago
    test_cupp.py fix test 11 months ago

    README.md

    CUPP - Common User Passwords Profiler

    Build Status Coverage Status Codacy Badge Rawsec's CyberSecurity Inventory

    About

    The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.
    A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.
    That is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations.

    Requirements

    You need Python 3 to run CUPP.

    Quick start

    $ python3 cupp.py -h

    Options

    Usage: cupp.py [OPTIONS]
        -h      this menu

    -i      Interactive questions for user password profiling

    -w      Use this option to profile existing dictionary,
            or WyD.pl output to make some pwnsauce :)

    -l      Download huge wordlists from repository

    -a      Parse default usernames and passwords directly from Alecto DB.
            Project Alecto uses purified databases of Phenoelit and CIRT which where merged and enhanced.

    -v      Version of the program

    Configuration

    CUPP has configuration file cupp.cfg with instructions.

    License

    This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or any later version.
    This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
    You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
    See './LICENSE' for more information.

    Github import

    This project was imported into https://github.com/Mebus/cupp by Mebus from:
    http://www.remote-exploit.org/content/cupp-3.0.tar.gz
    http://www.remote-exploit.org/articles/misc_research__amp_code/index.html
    to encourage further development of the tool.

    Original author

    Muris Kurgas aka j0rgan
    j0rgan@remote-exploit.org
    http://www.remote-exploit.org
    http://www.azuzi.me

    Contributors

    Comments

    Post a Comment

    Popular posts from this blog

    RouterSploit ..(Exploitation Framework for Embedded Devices)

    RouterSploit - Exploitation Framework for Embedded Devices   The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. click here to video It consists of various modules   that aids penetration testing operations: exploits - modules that take advantage of identified vulnerabilities creds - modules designed to test credentials against network services scanners - modules that check if a target is vulnerable to any exploit payloads - modules that are responsible for generating payloads for various architectures and injection points generic - modules that perform generic attacks Installation Requirements Required: future requests paramiko pysnmp pycrypto Optional: bluepy - bluetooth low energy Installation on Kali Linux apt-get install python3-pip git clone https://www.github.com/threat9/routersploit cd routersploit python3 -m pip install -r requirements.txt python3 rsf.py Bluetooth Low Energy suppo...
    Post a Comment
    Read more

    Embed Payload (Exe) into a PDF Documents – EvilPDF

     Hey folks, today we are going to talk about the tool that can easily add malicious payloads within the .PDF extension files and after which you can easily access any system. As we know it is prohibited to execute malicious payloads inside the window defender system, hence we will send our payload through the PDF files.   Environment Kali Linux = Attacker Window 10 = Victim ( Tested On ) Lets take a look 🙂 !! EvilPDF The EvilPDF tool is specifically designed to embed payloads inside PDF files. It is an open source tool hosted on the github page that we will download using the wget command. git clone https://github.com/thelinuxchoice/evilpdf cd evilpdf 1 2 git clone https://github.com/thelinuxchoice/evilpdf cd evilpdf It require some additional features that we can download using the following command. python -m pip install pypdf2 1 python -m pip install pypdf2 Now we can use this tool using the given command. python evilpdf.py 1 python evilpdf.py In the image below you have t...
    Post a Comment
    Read more

    TheFatRat ( make a bypass antivirus create payload )

    TheFatRat             A Massive Exploiting Tool TheFatRat  is an exploiting tool which compiles a malware with famous payload, and then the compiled maware can be executed on Linux , Windows , Mac and Android.  TheFatRat  Provides An Easy way to create Backdoors and Payload which can bypass most anti-virus. Features ! Fully Automating MSFvenom & Metasploit. Local or remote listener Generation. Easily Make Backdoor by category Operating System. Generate payloads in Various formats. Bypass anti-virus backdoors. File pumper that you can use for increasing the size of your files. The ability to detect external IP & Interface address . Automatically creates AutoRun files for USB / CDROM exploitation Installation Instructions on how to install  TheFatRat git clone https://github.com/Screetsec/TheFatRat.git cd TheFatRat chmod +x setup.sh && ./setup.sh Update cd TheFatRat ./update && c...
    Post a Comment
    Read more