/\_____/\ / o o \ ( == ^ == ) ) ( ( ) ( ( ) ( ) ) (__(__)___(__)__)
"On the internet, everybody knows you're a cat."
Create and manage alternate digital identities for privacy protection, OSINT defense, and reducing your digital footprint.
Features • Installation • Quick Start • Usage • Docker • WiFi • How It Works • FAQ
git clone https://github.com/yourrepo/spicy-cat.git && cd spicy-cat && ./spicy-cat.sh install| Feature | Description |
|---|---|
| 🎭 Generate fake identities | Create complete personas with names, backstories, email patterns |
| 🛡️ Defeat data brokers | Pollute your digital footprint with convincing decoy data |
| ✍️ Anti-stylometry | 9 writing styles to prevent writing fingerprinting |
| 🦊 Anonymous browsing | Firefox profiles with Tor integration |
| 📊 Live dashboard | Monitor your current identity with cat animations |
| 🐳 Docker privacy container | Full fingerprint protection in isolated containers |
| 📡 WiFi AP confusion | 3 modes: nowhere, targeted, mimic - confuse WiFi trackers |
| 🤖 Agentic protection | Autonomous agent adjusts defenses in real-time |
| 🔀 10 telemetry methods | Phantom swarm, DNS chaff, TLS shuffle, and 7 more |
| Limitation | Details |
|---|---|
| 🚫 Not a VPN/Tor replacement | Use alongside proper network anonymity tools |
| 🚫 Not foolproof fingerprint protection | Advanced browser fingerprinting requires Tor Browser |
| 🚫 Not magic | Won't protect against sophisticated adversaries (nation-states) |
| 🚫 Not opsec training | You must still practice good operational security |
TL;DR: spicy-cat handles identity generation and behavioral camouflage. For network-level anonymity, pair it with VPN/Tor.
spicy-cat is a privacy tool that helps you:
- Generate complete fake identities with realistic details
- Defeat people search engines and data brokers
- Protect against stylometry (writing style fingerprinting)
- Create convincing online personas for OSINT defense
- Reduce your digital footprint while browsing
- Safely conduct research without exposing your real identity
"Curiosity killed the cat, but anonymity brought it back."
- Full personas: name, age, location, occupation, backstory
- Email patterns and username styles
- Localized data (US, UK, Germany, etc.) via Faker
- Chaotic randomization for organic, non-patterned output
- Markov-based writing styles to defeat stylometry
- Activity patterns that mimic real human behavior
- Identity drift - subtle, natural evolution over time
- Multiple personality modes: formal, casual, terse, verbose, gen-z
- Built on Lorenz attractors and logistic maps
- Generates unpredictable but reproducible patterns
- Creates organic-looking behavioral noise
- Avoids algorithmic fingerprints
- Automatic Firefox profile creation
- Privacy-hardened settings pre-configured
- Optional Tor routing
- Isolated browsing per identity
- Live terminal UI showing "who you are"
- Identity age and rotation suggestions
- Behavioral state monitoring
- Compact mode for shell prompts
- Background service for persistent identity
- Scheduled rotation
- Unix socket for IPC
- Set it and forget it
git clone https://github.com/yourrepo/spicy-cat.git
cd spicy-cat
./spicy-cat.sh install# Clone
git clone https://github.com/yourrepo/spicy-cat.git
cd spicy-cat
# Install dependencies
pip install faker cryptography # Optional but recommended
# Run directly
python3 spicy-cat.py --help| Package | Required | Purpose |
|---|---|---|
| Python 3.8+ | ✅ Yes | Core runtime |
| faker | ⭐ Recommended | Rich, localized identity data |
| cryptography | 💡 Optional | Secure identity storage |
| Firefox | 💡 Optional | Browser profile feature |
| Tor | 💡 Optional | Anonymous browsing |
Install everything on Debian/Ubuntu:
./spicy-cat.sh deps
# Or manually:
sudo apt install python3 python3-pip firefox tor
pip install faker cryptography# Generate your first identity
spicy-cat new
# See who you are
spicy-cat show
# Launch anonymous browser
spicy-cat browse --tor
# Live dashboard
spicy-cat dashboardThat's it. You're now someone else. =^.^=
/\_/\
( o.o ) spicy-cat v1.0.0 "Curious Whiskers"
> ^ < The purrfect anonymity tool
Commands:
new Generate new identity
show Display identity details
list List saved identities
delete Remove identity
rotate Switch identities
browse Launch Firefox with identity
dashboard Live status display (with cat animation!)
daemon Background service
export Export identity data
traffic Generate decoy traffic (9 issue types)
# Basic (uses en_US locale)
spicy-cat new
# German identity
spicy-cat new --locale de_DE
# Custom name, temporary (not saved)
spicy-cat new --name "work_alias" --temp
# French Canadian
spicy-cat new --locale fr_CA --name "montreal_persona"# Show current/default identity
spicy-cat show
# Show specific identity
spicy-cat show work_alias
# List all saved identities
spicy-cat list# Launch Firefox with identity profile
spicy-cat browse
# Use specific identity
spicy-cat browse work_alias
# Route through Tor
spicy-cat browse --tor
# Open specific URL
spicy-cat browse --url "https://example.com"# Interactive dashboard
spicy-cat dashboard
# Specific identity
spicy-cat dashboard work_aliasDashboard Controls:
| Key | Action |
|---|---|
q |
Quit |
r |
Rotate identity |
n |
New identity |
c |
New random cat GIF URL |
g |
Toggle cat animation |
? |
Help |
# Start daemon
spicy-cat daemon start
# Check status
spicy-cat daemon status
# Stop daemon
spicy-cat daemon stop# Full JSON export
spicy-cat export work_alias
# Minimal text format
spicy-cat export work_alias --format minimal
# CSV (for spreadsheets)
spicy-cat export work_alias --format csvGenerate fake network traffic that looks like system issues to mask real activity:
# List all 9 issue types
spicy-cat traffic --list-types
# Generate 5 random decoy events
spicy-cat traffic
# Generate specific issue types (by number or name)
spicy-cat traffic --type 1 --type 3 # DNS + SSL errors
spicy-cat traffic --type dns_failure --type ssl_error
# Run continuously in background
spicy-cat traffic --background --interval 10
# Verbose output with details
spicy-cat traffic --type 4 --count 3 --verboseAvailable Issue Types:
| # | Type | Description |
|---|---|---|
| 1 | dns_failure |
DNS resolution failures (NXDOMAIN, timeouts) |
| 2 | connection_timeout |
TCP connection timeouts to unreachable hosts |
| 3 | ssl_error |
SSL/TLS certificate and handshake errors |
| 4 | service_unavailable |
HTTP 503 Service Unavailable responses |
| 5 | packet_loss |
UDP packet loss and retransmission patterns |
| 6 | bandwidth_throttle |
Slow/stalled downloads, bandwidth throttling |
| 7 | auth_loop |
Failed authentication attempts, OAuth loops |
| 8 | rate_limited |
HTTP 429 Too Many Requests (API rate limiting) |
| 9 | proxy_error |
HTTP 502/504 gateway and proxy errors |
Simulate malware-like network patterns for security training, IDS testing, honeypots, and CTF challenges:
# List malware behavior types
spicy-cat traffic --malware --list-types
# Generate C2 beaconing and ransomware patterns
spicy-cat traffic --malware --type 1 --type 4 --count 5
# Run continuous malware-like traffic
spicy-cat traffic --malware --background --interval 10
# Verbose with IOC indicators
spicy-cat traffic --malware --type c2_beacon --verboseAvailable Malware Behavior Types (9):
| # | Type | Description |
|---|---|---|
| 1 | c2_beacon |
C2 beaconing (regular heartbeat to command server) |
| 2 | data_exfil |
Data exfiltration (DNS tunneling, large uploads) |
| 3 | cryptominer |
Cryptominer (mining pool connections) |
| 4 | ransomware |
Ransomware patterns (key exchange, .onion) |
| 5 | botnet |
Botnet communication (IRC/P2P/DGA) |
| 6 | keylogger |
Keylogger/spyware (small frequent uploads) |
| 7 | trojan_downloader |
Trojan downloader (payload fetching) |
| 8 | worm_scan |
Worm scanning (port scans, lateral movement) |
| 9 | adware |
Adware/PUP (excessive ad network traffic) |
Note: This simulates network PATTERNS only - no actual malicious functionality. All traffic goes to safe/controlled endpoints. Useful for:
- Security analyst training
- IDS/IPS rule testing
- Honeypot realism
- CTF challenges
- Incident response drills
Unlike typical random generators, spicy-cat uses deterministic chaos:
┌─────────────────────────────────────────────────────┐
│ LOGISTIC MAP │
│ │
│ x[n+1] = r × x[n] × (1 - x[n]) where r ≈ 3.9999 │
│ │
│ Deterministic but unpredictable. Same seed = │
│ same identity, but no discernible pattern. │
└─────────────────────────────────────────────────────┘
┌─────────────────────────────────────────────────────┐
│ LORENZ ATTRACTOR │
│ │
│ dx/dt = σ(y - x) │
│ dy/dt = x(ρ - z) - y │
│ dz/dt = xy - βz │
│ │
│ The butterfly effect. Creates organic noise that │
│ looks human, not algorithmic. │
└─────────────────────────────────────────────────────┘
Writing Styles (9 total for anti-stylometry):
┌──────────┐ ┌──────────┐ ┌──────────┐
│ FORMAL │◄───►│ ACADEMIC │◄───►│TECHNICAL │
└──────────┘ └──────────┘ └──────────┘
▲ ▲
│ │
▼ ▼
┌──────────┐ ┌──────────┐ ┌──────────┐
│ VERBOSE │◄───►│ CASUAL │◄───►│ TERSE │
└──────────┘ └──────────┘ └──────────┘
▲ ▲ ▲
│ │ │
▼ ▼ ▼
┌──────────┐ ┌──────────┐ ┌──────────┐
│ FRIENDLY │◄───►│ GEN_Z │◄───►│SARCASTIC │
└──────────┘ └──────────┘ └──────────┘
Style Attributes:
- Contraction preferences (formal: none, casual: heavy)
- Sentence length targets (terse: 6, verbose: 25)
- Vocabulary tier (academic: scholarly, gen_z: slang)
- Filler word patterns (friendly: "hey", "just wanted to")
- Special markers (sarcastic: rhetorical questions, air quotes)
- Punctuation density
Night Owl Profile:
▂▄▆█████▆▄▂
░░░░░░░░░░░░████████████████████░░░░░░░
00:00 06:00 12:00 18:00 24:00
Early Bird Profile:
████████████▆▄▂░░░░░░░░░░░░░░░░░░░░░░░░
00:00 06:00 12:00 18:00 24:00
~/.spicy-cat/
├── identities/ # Encrypted identity files
│ ├── work_alias.json
│ └── travel_persona.json
├── browsers/ # Browser profile registry
│ └── profiles.json
├── daemon.pid # Background service PID
├── daemon.sock # Unix socket for IPC
└── state.json # Current state
- ✅ People search engines and data brokers
- ✅ Casual social media correlation
- ✅ Basic stylometry (writing fingerprinting)
- ✅ Session tracking across sites
⚠️ Advanced browser fingerprinting (use Tor Browser for that)⚠️ Network-level surveillance (use VPN/Tor)⚠️ Sophisticated adversaries (nation-states, etc.)⚠️ You accidentally revealing your real info
/\_/\
( ^.^ ) Pro Tips from a Paranoid Cat:
> ~ <
1. Use Tor Browser for high-stakes anonymity
2. Never mix real and fake identities
3. Keep persona details consistent
4. Rotate identities periodically
5. Don't access personal accounts while in persona
6. Use different devices/VMs for different identities
7. Remember: the tool is only as good as your opsec
Why "spicy-cat"?
Cats are mysterious, independent, and notoriously hard to track. They have nine lives - you can have nine identities. Also, spicy things are hard to handle. Like your new personas.
Is this legal?
Creating fictional personas for privacy is legal. Using them for fraud, impersonation, or illegal activities is not. Don't be evil.
Why Faker as default?
Faker provides rich, localized data across many countries. A German identity should have German-sounding names and German cities. The builtin fallback works but is US-centric.
Why chaos mathematics?
Standard PRNGs produce patterns that can potentially be reverse-engineered. Chaotic systems are deterministic (reproducible from seed) but practically unpredictable. They also produce more "organic" looking patterns.
Can I contribute?
Yes! Pull requests welcome. Areas of interest:
- More locales
- Browser fingerprint resistance
- Additional browser support
- Mobile companion app
Run spicy-cat in a Docker container with complete advanced fingerprinting protection and 10 telemetry confusion methods.
cd docker
docker-compose up -d| Feature | Description |
|---|---|
| 15-Vector Fingerprint Protection | Canvas, WebGL, AudioContext, fonts, screen, navigator, WebRTC, timezone, battery, hardware, memory, plugins, TCP/IP, TLS/JA3, HTTP headers |
| TCP/IP Stack Normalization | iptables + sysctl rules make container look like any OS |
| 10 Telemetry Confusion Methods | Phantom device swarm, temporal drift, geo carousel, DNS chaff, beacon entropy, TLS shuffler, cookie chimera, UA metamorph, referrer fabricator, feedback loop |
| Agentic Real-Time Protection | Autonomous agent detects fingerprinting attempts and dynamically adjusts defenses |
| Auto-Rotating Profiles | Fingerprint profiles rotate on chaotic intervals |
# All services (main + DNS chaff + phantom swarm + WiFi)
docker-compose --profile full up -d
# WiFi chaos only
docker-compose --profile wifi up -d
# Main container only
docker-compose up -d spicy-cat| # | Method | Description |
|---|---|---|
| 1 | Phantom Device Swarm | Broadcast as IoT devices, smart TVs, consoles on WiFi |
| 2 | Temporal Drift Engine | Chaotically skew timestamps to break session correlation |
| 3 | Geolocation Carousel | Rotate through plausible GPS coordinates per request |
| 4 | DNS Chaff Generator | Flood DNS with realistic decoy domain lookups |
| 5 | Beacon Entropy Mixer | Inject noise into WiFi probe request patterns |
| 6 | TLS Handshake Shuffler | Vary JA3 fingerprints per connection |
| 7 | HTTP Cookie Chimera | Generate contradictory tracking cookies |
| 8 | User-Agent Metamorph | Morph UA strings organically mid-session |
| 9 | Referrer Chain Fabricator | Create fake browsing history trails |
| 10 | Telemetry Feedback Loop | Send corrupted data back to collectors |
The protection agent autonomously:
- Monitors for fingerprinting attempts (canvas, WebGL, audio, font probing)
- Detects known tracker domains and telemetry beacons
- Evaluates threat level: CALM → ELEVATED → HIGH → CRITICAL
- Dynamically activates more methods as threats increase
- Rotates fingerprint profiles on chaotic (Lorenz attractor) intervals
Threat: CALM → DNS chaff only, rotate every 60min
Threat: ELEVATED → +cookies +UA morph +temporal drift, rotate every 30min
Threat: HIGH → +phantom swarm +TLS shuffle +referrers, rotate every 10min
Threat: CRITICAL → ALL 10 methods active, rotate every 2min
spicy-wifi - A WiFi AP confusion tool with three operation modes.
python3 wifi/spicy-wifi.py # Interactive mode
python3 wifi/spicy-wifi.py --mode nowhere # Broadcast to nowhere
python3 wifi/spicy-wifi.py --mode targeted # Target specific AP
python3 wifi/spicy-wifi.py --mode mimic # Mimic a device| Mode | Description |
|---|---|
| 1) Nowhere | Broadcast probe requests to random non-existent APs, creating WiFi noise |
| 2) Targeted | Send crafted traffic to a specific AP (BSSID), spoofing many device sources |
| 3) Mimic | Send traffic as a specific device (iPhone, Galaxy, MacBook, IoT, etc.) |
Traffic payloads use real news categories for realistic content:
| Category | Description |
|---|---|
| World | International news and global events |
| Technology | Tech industry, gadgets, and software |
| Science | Scientific discoveries and research |
| Business | Markets, economy, and corporate news |
| Sports | Sports scores, transfers, and events |
| Entertainment | Movies, music, TV, and celebrity |
| Health | Medical research and public health |
| Politics | Government, policy, and elections |
| Environment | Climate and sustainability |
| Education | Schools, universities, and learning |
# List categories
python3 wifi/spicy-wifi.py --list-categories
# List mimicable devices (10 profiles)
python3 wifi/spicy-wifi.py --list-devices
# Continuous mimic as iPhone with tech + science news
python3 wifi/spicy-wifi.py --mode mimic --device "iPhone" \
--categories "2,3" --continuous
# Targeted with all news categories
python3 wifi/spicy-wifi.py --mode targeted \
--bssid AA:BB:CC:DD:EE:FF --ssid "TargetNet" --continuousNote: Real WiFi frame injection requires
scapyand a monitor-mode interface. Without these, spicy-wifi runs in simulation mode (useful for testing/development).
- v1.1 - Docker version with fingerprint protection + WiFi tools
- v1.2 - Chromium/Chrome profile support
- v1.3 - Social media persona templates
- v1.4 - Profile photo generation (AI)
- v1.5 - Keyboard timing simulation
- v2.0 - GUI application
Docker Version:
- Complete Docker containerization with docker-compose
- 15-vector advanced fingerprint protection (canvas, WebGL, audio, fonts, screen, navigator, WebRTC, timezone, battery, hardware, memory, plugins, TCP/IP, TLS/JA3, HTTP headers)
- TCP/IP stack normalization via iptables and sysctl
- JavaScript injection script for browser API spoofing
- Firefox and Chromium configuration generation
- Health check system for container monitoring
Telemetry Confusion (10 Methods):
- Phantom Device Swarm (16 IoT device profiles)
- Temporal Drift Engine (Lorenz-based timestamp skewing)
- Geolocation Carousel (10 metro areas with organic variance)
- DNS Chaff Generator (50+ domain patterns)
- Beacon Entropy Mixer (WiFi probe request noise)
- TLS Handshake Shuffler (JA3 fingerprint randomization)
- HTTP Cookie Chimera (contradictory tracking cookies)
- User-Agent Metamorph (organic UA morphing)
- Referrer Chain Fabricator (fake browsing trails)
- Telemetry Feedback Loop (corrupted telemetry data)
Agentic Protection:
- Autonomous threat detection and response agent
- 4-level threat assessment (CALM/ELEVATED/HIGH/CRITICAL)
- Lorenz attractor-based decision engine
- Dynamic fingerprint profile rotation
- Known tracker domain detection (40+ domains)
- Script content analysis for fingerprinting patterns
- Docker integration manager with startup scripts
WiFi AP Confusion Tool:
- Three operation modes: Nowhere, Targeted, Mimic
- 10 device profiles for WiFi mimicry
- News category system (10 categories) for realistic payloads
- Online RSS feed collection with offline template fallback
- Scapy integration for real WiFi frame injection
- Simulation mode for testing without hardware
- Interactive and batch operation modes
- Initial release with identity generation, chaos engine, browser profiles, dashboard, daemon, and traffic simulation
MIT License. See LICENSE for details.
Built with:
- Faker - Fake data generation
- Python standard library - Keeping it minimal
- Lorenz, Rössler, and other chaos theory pioneers
- Cats everywhere - For inspiration
/\_____/\
/ o o \
( == 💋== )
) (
( )
( ( ) ( ) )
(__(__)___(__)__)
"Stay curious. Stay anonymous."
=^.^=
