kiara's suggestion with the masks sounds good. watch out though, statting a dictionary *might* miss some of the possible combinations. timbo writes the passwords are random-generated. so the mask stuff is very good to produce mask candidates, will reduce keyspace. as long as you are aware that the statting might miss some possible combinations and you got an eye on it, should be fine.
alternatively to finding out all possible mask combinations, you could use maskprocessor with -r and -q options to limit the maximum number of occurences for individual letters, coz it is unlikely that passwords like:
AAAAAAAAAA or AAAAABBBBB
would be used in any productive system.
So by setting a limit how often an individual character is used in the password candidates, it will reduce your keyspace. you can start with low values and increase them by iteration, if required.
For details see https://hashcat.net/wiki/doku.php?id=maskprocessor
alternatively to finding out all possible mask combinations, you could use maskprocessor with -r and -q options to limit the maximum number of occurences for individual letters, coz it is unlikely that passwords like:
AAAAAAAAAA or AAAAABBBBB
would be used in any productive system.
So by setting a limit how often an individual character is used in the password candidates, it will reduce your keyspace. you can start with low values and increase them by iteration, if required.
For details see https://hashcat.net/wiki/doku.php?id=maskprocessor