CeWL vs CUPP
GitHub Stats
About CeWL
CeWL is a custom wordlist generator that crawls target websites to compile lists of potential passwords from extracted words. Written in Ruby, it helps in generating highly relevant password lists for use in password attacks. CeWL's ability to tailor wordlists to specific targets enhances its effectiveness in cracking attempts, providing a focused approach to password security testing.
About CUPP
CUPP (Common User Passwords Profiler) is a tool that generates custom wordlists based on information gathered about a target individual. Rather than using generic wordlists, CUPP creates targeted password lists by taking inputs like the target's name, birthday, partner's name, pet's name, company, and other personal details, then generating thousands of password permutations using common patterns people use when creating passwords. It applies rules like capitalizing first letters, appending birth years, combining names with special characters, leetspeak substitutions, and other patterns observed in real-world password creation habits. CUPP also supports downloading and parsing existing leaked wordlists and can generate wordlists from OSINT data. The philosophy is simple: people are predictable, and targeted wordlists are far more effective than brute force against human-chosen passwords.
Platform Support
Tags
CeWL only
CUPP only