For sure,a large part it is practice and experience. For example, knowing a) which attack type to use in which situation and b) how to avoid checking unneeded options, makes a tremendous difference and is more important than expensive hardware.
For example, will your hybrid attack contain ?d?d?d?d for a year, or will it be -1 12 -2 90 ?1?2?d?d. The later option is 25x faster. An even better option would be to use a rule set for common dates, perhaps followed by a special character. Especially when a small mask is first and the word list is second in a hybrid attack, it becomes slow. Rule sets do not have this problem, whether it is append or prepend, hence it can be a better solution than hybrid attacks which rely on a mask.
Another booster is the ability to use left (-j) and right (-k) rules in hybrid attacks, they can make your life much easier and are often overlooked by beginning hashcat users.
With regards to theory, it is important to understand bottlenecks and how to supply more work as well as reading on the forum and wiki in general:
https://hashcat.net/faq/morework
Last tip, when I started understanding and building my own rule sets, I noticed I jumped in my capacity to crack hashes. Using rules is the most powerful tool hashcat has to offer, they are very much worth learning.
Another thing to understand that the skills you have to learn depend on whether you want to crack many hashes in a database/breach, or if you want to help a specific client. The skills are different. In the first case you focus on general password patterns and systematic rules such length, while in the later you translate the clients mind and way of thinking into custom masks and rule sets.
For example, will your hybrid attack contain ?d?d?d?d for a year, or will it be -1 12 -2 90 ?1?2?d?d. The later option is 25x faster. An even better option would be to use a rule set for common dates, perhaps followed by a special character. Especially when a small mask is first and the word list is second in a hybrid attack, it becomes slow. Rule sets do not have this problem, whether it is append or prepend, hence it can be a better solution than hybrid attacks which rely on a mask.
Another booster is the ability to use left (-j) and right (-k) rules in hybrid attacks, they can make your life much easier and are often overlooked by beginning hashcat users.
With regards to theory, it is important to understand bottlenecks and how to supply more work as well as reading on the forum and wiki in general:
https://hashcat.net/faq/morework
Last tip, when I started understanding and building my own rule sets, I noticed I jumped in my capacity to crack hashes. Using rules is the most powerful tool hashcat has to offer, they are very much worth learning.
Another thing to understand that the skills you have to learn depend on whether you want to crack many hashes in a database/breach, or if you want to help a specific client. The skills are different. In the first case you focus on general password patterns and systematic rules such length, while in the later you translate the clients mind and way of thinking into custom masks and rule sets.