Well, the following facts should be very obvious but maybe you are asking for them:
- if the dictionary is very small and dedicated a word list attack (-a 0) would be smarter/better
- if a dictionary contains a lot of garbage or randomly generated "passwords", mask attack (-a 3) would be smarter/better
- in general, if the dictionary is very huge and contains almost the same amount of password candidates that would be generated by mask attack, then mask attack (-a 3) would be smarter/better
- whenever you can avoid disk IO (very slow compared to on-the-fly password candidate generation!) but still can attack the hash very well with a very special/dedicated mask, go for the mask attack (-a 3)
- dictionary attack (-a 0) is always smarter if you need to generate password candidates (with rules etc) based on some specific words (and apply rules on them)
- brute-force is almost always the last thing you should try, i.e. you should either run very specific mask(s) or apply rules on some base words (attention: there are exceptions because there are some other attack modes that hashcat supports and sometimes are much more clever, like dict + mask, mask + dict, dict1 + dict2, etc)
- even with the fastest SSD you won't be faster @ generating/loading password candidates (compared to mask attack), so do not think about "hey, I can precompute this, I just need a huge SSD" (it doesn't work like this). The password candidates need to be loaded from the disk and transfered to your GPUs, this makes it much slower than mask attack
...
So, as you can see it all depends on your situation... but one thing is very obvious, generating very huge dicts shouldn't be done! It's much slower and you even need a lot of time to generate them and a lot of disk space.
Hope this helps a little bit
- if the dictionary is very small and dedicated a word list attack (-a 0) would be smarter/better
- if a dictionary contains a lot of garbage or randomly generated "passwords", mask attack (-a 3) would be smarter/better
- in general, if the dictionary is very huge and contains almost the same amount of password candidates that would be generated by mask attack, then mask attack (-a 3) would be smarter/better
- whenever you can avoid disk IO (very slow compared to on-the-fly password candidate generation!) but still can attack the hash very well with a very special/dedicated mask, go for the mask attack (-a 3)
- dictionary attack (-a 0) is always smarter if you need to generate password candidates (with rules etc) based on some specific words (and apply rules on them)
- brute-force is almost always the last thing you should try, i.e. you should either run very specific mask(s) or apply rules on some base words (attention: there are exceptions because there are some other attack modes that hashcat supports and sometimes are much more clever, like dict + mask, mask + dict, dict1 + dict2, etc)
- even with the fastest SSD you won't be faster @ generating/loading password candidates (compared to mask attack), so do not think about "hey, I can precompute this, I just need a huge SSD" (it doesn't work like this). The password candidates need to be loaded from the disk and transfered to your GPUs, this makes it much slower than mask attack
...
So, as you can see it all depends on your situation... but one thing is very obvious, generating very huge dicts shouldn't be done! It's much slower and you even need a lot of time to generate them and a lot of disk space.
Hope this helps a little bit