CUPP vs Hashcat
GitHub Stats
About CUPP
CUPP (Common User Passwords Profiler) is a tool that generates custom wordlists based on information gathered about a target individual. Rather than using generic wordlists, CUPP creates targeted password lists by taking inputs like the target's name, birthday, partner's name, pet's name, company, and other personal details, then generating thousands of password permutations using common patterns people use when creating passwords. It applies rules like capitalizing first letters, appending birth years, combining names with special characters, leetspeak substitutions, and other patterns observed in real-world password creation habits. CUPP also supports downloading and parsing existing leaked wordlists and can generate wordlists from OSINT data. The philosophy is simple: people are predictable, and targeted wordlists are far more effective than brute force against human-chosen passwords.
About Hashcat
Hashcat is the world's fastest and most advanced password recovery utility, supporting over 300 highly optimized hashing algorithms. It leverages GPU acceleration to crack hashes at unprecedented speeds. Hashcat supports multiple attack modes including dictionary attacks, brute-force, combinator, mask attacks, rule-based attacks, and hybrid attacks. It runs on Linux, Windows, and macOS and supports every major GPU vendor.
Platform Support
Tags
CUPP only
Hashcat only