The recommended way is to capture the network traffic with https://github.com/ZerBea/hcxdumptool and convert the capture to hashes with hcxpcapngtool of https://github.com/ZerBea/hcxtools .
The new -m 22000 hash type, which is currently only available in beta at the moment of this writing (https://hashcat.net/beta/), has many advantages and uses a different hash format (it's not the hccapx format).
In theory, hcxpcapngtool can help you filter out "hashes" that aren't good or not belonging to a certain network etc.
If the hashes all belong to the same ESSID (network name) the speed shouldn't suffer too much... but if hcxtools report that a specific hash/message-pair is valid and has all the handshakes done correctly, the hash should be alright and the hash should be crackable (because we know the AP accepted the password). This means in such a case, a single hash would be enough, i.e. it doesn't help much if you have multiple hashes for the same network if we have one valid/complete handshake capture (and corresponding -m 22000 hash).
BTW: the -m 22000 is a very clever/new kernel which is able to combine multiple "attacks" and avoids duplicate work etc. It's very optimized (like all hashcat kernels)
The new -m 22000 hash type, which is currently only available in beta at the moment of this writing (https://hashcat.net/beta/), has many advantages and uses a different hash format (it's not the hccapx format).
In theory, hcxpcapngtool can help you filter out "hashes" that aren't good or not belonging to a certain network etc.
If the hashes all belong to the same ESSID (network name) the speed shouldn't suffer too much... but if hcxtools report that a specific hash/message-pair is valid and has all the handshakes done correctly, the hash should be alright and the hash should be crackable (because we know the AP accepted the password). This means in such a case, a single hash would be enough, i.e. it doesn't help much if you have multiple hashes for the same network if we have one valid/complete handshake capture (and corresponding -m 22000 hash).
BTW: the -m 22000 is a very clever/new kernel which is able to combine multiple "attacks" and avoids duplicate work etc. It's very optimized (like all hashcat kernels)