Skip to content

Blatzy/CuppNG

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
modules
modules
 
 
.gitignore
.gitignore
 
 
CHANGELOG.md
CHANGELOG.md
 
 
MANIFEST.in
MANIFEST.in
 
 
README.md
README.md
 
 
cuppNG.cfg.example
cuppNG.cfg.example
 
 
cuppNG.py
cuppNG.py
 
 
pyproject.toml
pyproject.toml
 
 
setup.py
setup.py
 
 

Repository files navigation

cuppNG - Password Profiler

Version License Python

Next-generation password profiler for authorized security assessments

Version: 1.0.1 | Author: Blatzy | License: CC BY-NC-SA 4.0

What is cuppNG?

Generates targeted wordlists from user/company profiles for penetration testing. Features AI-powered keyword extraction, web scraping, and smart password pattern generation based on password psychology research.

Key Features:

  • 👤 User & 🏢 Company profile modes
  • 🤖 AI-powered keyword extraction (optional)
  • 🌐 Web scraping with AI fallback
  • 🧠 Research-based password patterns
  • 📊 Interactive wizard with progress tracking

Quick Start

# Install with pipx (recommended)
pipx install git+https://github.com/Blatzy/CuppNG

cuppng --install-config


# Run interactive wizard (config auto-initialized on first run)
cuppng --wizard

First run: cuppNG automatically creates ~/.config/cuppng/cuppNG.cfg with default settings.

Use --install-config to:

  • Manually install configuration on first use
  • Reinstall/reset configuration (with confirmation)

AI Keyword Extraction (Optional but highly recommended)

Enable smart keyword extraction from profiles and websites using OpenRouter AI. WARNING : AI fetching with openrouter/free might take a while (few minutes)

Setup

  1. Get free API key: openrouter.ai/keys

  2. Configure: Edit ~/.config/cuppng/cuppNG.cfg

nano ~/.config/cuppng/cuppNG.cfg
  1. Add your API key in the [openrouter] section:
[openrouter]
api_key = sk-or-v1-xxxxx...  # Your API key here
model = openrouter/free
max_keywords = 15
  1. Done! cuppNG will automatically use AI for keyword extraction.

Optional Settings

Customize AI behavior in [openrouter] section:

model = openrouter/free  # Primary AI model
fallback_model = meta-llama/llama-3.3-70b-instruct:free  # Fallback if primary fails
max_keywords = 15        # Maximum keywords to extract
temperature = 0.7        # AI creativity (0.0-1.0)
timeout = 30            # API timeout in seconds
retry_count = 2         # Number of retries on failure

Note: Works without AI - you'll enter keywords manually. If web scraping fails, the AI will use its knowledge about the company to suggest keywords.

Generation Options

Default (enabled):

  • ✅ Word combinations with separators
  • ✅ Date variations (birthdates, years)
  • ✅ Common patterns (Name+Year, Email-like)
  • ✅ Realistic combinations (password psychology)

Optional (disabled by default):

  • ⬜ Numbers suffix (0-99)
  • ⬜ Year range (1950-2025)
  • ⬜ Special characters (!, !!)
  • ⬜ Leet speak (p4ssw0rd)
  • ⬜ Reversed keywords
  • ⬜ Capitalization variants

Configuration

Location: ~/.config/cuppng/cuppNG.cfg (auto-created on first run)

Future Improvements

  • Support for full JavaScript websites (SPA/React/Angular) via headless browser scraping
  • Multi-website scraping for User profile generation (personal website, fan page, etc.)

License

CC BY-NC-SA 4.0 - Free for non-commercial use with attribution.

Full license details

Disclaimer

⚠️ For authorized security testing only. Always obtain proper authorization before use.

Credits

Inspired by CUPP and Longtongue

Happy (authorized) cracking! 🔐

About

Taking wordlist generation to the next level.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages