<br /> <div align="center"> <a href="https://github.com/r3nt0n/bopscrk"> <img src="https://github.com/r3nt0n/bopscrk/blob/master/img/logo_raster.svg" alt="Logo" width="80" height="80"> </a> <h3 align="center">bopscrk</h3> <p align="center"> Generate smart and powerful wordlists for targeted attacks <br /> <a href="#usage"><strong>Explore the docs »</strong></a> <br /> <br /> <a href="#about-the-project">View Demo</a> · <a href="https://github.com/r3nt0n/bopscrk/issues">Report Bug</a> · <a href="https://github.com/r3nt0n/bopscrk/issues">Request Feature</a> </p> </div>  <details> <summary>Table of contents</summary> <ol> <li> <a href="#about-the-project">About the Project</a> <ul> <li><a href="#whats-new">What's new</a></li> <li><a href="#built-with">Built with</a></li> </ul> </li> <li> <a href="#getting-started">Getting started</a> <ul> <li><a href="#installation">Installation</a></li> <li><a href="#run-interactive-mode">Run interactive mode</a></li> </ul> </li> <li> <a href="#usage">Usage</a> <ul> <li><a href="#how-it-works">How it works</a></li> <li><a href="#tips">Tips</a></li> <li><a href="#advanced-usage">Advanced usage</a></li> <li><a href="#lyricpass">Lyricpass</a></li> </ul> </li> <li><a href="#roadmap">Roadmap</a></li> <li> <a href="#contributing">Contributing</a> <ul> <li><a href="#contributors">Contributors</a></li> </ul> </li> <li><a href="#changelist">Changelist</a></li> <li><a href="#license">License</a></li> <li><a href="#contact">Contact</a></li> <li><a href="#acknowledgments">Acknowledgments</a></li> <li><a href="#legal-disclaimer">Legal disclaimer</a></li> </ol> </details>

About the Project

Targeted-attack wordlist creator: introduce personal info related to target, combines every word and transforms results into possible passwords. The lyricpass module allows to search lyrics related to artists and include them to the wordlists.
Customizable case and leet transforms: create custom charsets and transforms patterns trough a simple config file.
Interactive mode and one-line command interface supported.
Included in <a href="https://blackarch.org/">BlackArch Linux</a> pentesting distribution and <a href="https://inventory.raw.pm/">Rawsec's Cybersecurity Inventory</a> since August 2019.

Built with

Python 3 (secondary branch keeps Python 2.7 legacy support)
- requests
- alive-progress

What's new

2.4.7 RELEASED (02/09/2024): Speed and performance dramatically increased. New extensive case transform mode allows to generate all possible case transforms.

Getting started

Installation

pip install bopscrk

Alternatively, if you want to clone the repo from Github instead of install it from Pypi:

git clone --recurse-submodules https://github.com/r3nt0n/bopscrk
cd bopscrk
pip install -r requirements.txt

Run interactive mode

bopscrk -i

Usage


  -h, --help         show this help message and exit
  -i, --interactive  interactive mode, the script will ask you about target
  -w                 words to combine comma-separated (non-interactive mode)
  --min              min length for the words to generate (default: 4)
  --max              max length for the words to generate (default: 32)
  -c, --case         enable case transformations
  -l, --leet         enable leet transformations
  -n                 max amount of words to combine each time (default: 2)
  -a , --artists     artists to search song lyrics (comma-separated)
  -o , --output      output file to save the wordlist (default: tmp.txt)
  -C , --config      specify config file to use (default: ./bopscrk.cfg)
  --version          print version and exit

For more information, please refer to the Advanced usage section.

How it works

You have to provide some words which will act as a base.
The lyricpass feature allow to introduce artists. The tool will download all his songs' lyrics and each line will be added as a new word. By default, artist names and a word formed by the initial of word on each phrase, will be added too.
The tool will generate all possible combinations between them.
To generate more combinations, it will add some common separators (e.g. "-", "_", "."), numbers and special chars frequently used in passwords.
You can use leet and case transforms to increase your chances.

Tips

Fields can be left empty.
You can use accentuation in your words and special chars (if you use the non-interactive mode, escape special chars like ' and " with backslashes, e.g.: bopscrk -w John,O\'hara,Doe,foo,bar).
In the others field you can write several words comma-separated. Example: 2C,Flipper.
If you want to produce all possible leet transformations, enable the recursive_leet option in configuration file.
If you want to produce all possible case transformations, enable the extensive_case option in configuration file.
You can select which transforms to apply on lyrics phrases found through the cfg file.
Using the non-interactive mode, you should provide years in the long and short way (1970,70) to get the same result than the interactive mode.
You have to be careful with -n argument. If you set a big value, it could result in too huge wordlists. I recommend values between 2 and 5.
To provide several artist names through command line you should provide it comma-separated. Example: -a johndoe,johnsmith
To provide artist names with spaces through command line you should provide it quotes-enclosed. Example: -a "john doe,john smith"

Advanced usage

Customizing behaviour using .cfg file

In bopscrk.cfg file you can specify your own charsets and enable/disable options:
- extra_combinations (like (john, doe) => 123john, john123, 123doe, doe123, john123doe doe123john) are enabled by default. You can disable it in the configuration file in order to get more focused wordlists.
- separators_chars: characters to use in extra-combinations. Can be a single char or a string of chars, e.g.: !?-/&(
- separators_strings: strings to use in extra-combinations. Can be a single string or a list of strings space-separated, e.g.: 123 34!@
- leet_charset: characters to replace and correspondent substitute in leet transforms, e.g.: e:3 b:8 t:7 a:4
- recursive_leet: enables a recursive call to leet_transforms() function to get all possible leet transforms. WARNING: enabled with huge --max values (e.g.: greater than 18) could take a long time. Can be true or false.
- extensive_case: by default, bopscrk only applies the more common case transforms: all chars to lower, all chars to upper, each char to upper, all pairs to upper, all odds to upper, all consonants to upper and all vowels to upper. You can enable this option to obtain ALL possible case transforms, which can result in much larger wordlists, but might be useful in some scenarios. Can be true or false.
- remove_parenthesis: remove all parenthesis in lyrics found before any transform
- take_initials: produce words based on initial of each word in lyric phrases found (if enabled with remove_parenthesis disabled, it can produce useless words)
- artist_split_by_word: split artist names and add each word as a new one
- lyric_split_by_word: same with lyrics found
- artist_space_replacement: replace spaces in artist names with chars/strings defined in charset
- lyric_space_replacement: same with lyrics found
- space_replacement_chars: characters to insert instead of spaces inside an artist name or a lyric phrase. Can be a single char or a string of chars, e.g.: !?-/&(
- space_replacement_strings: strings to in

Bopscrk

Install / Use

README