1. The answer depends on the "speed" of the hash - fast (like MD5) vs slow (like bcrypt).
1a. If it's a fast hash, it's usually not worth the time to perform the rejection. Start up the attacks with and without the rejection, and check the estimated completion time.
1b. If it's a slow hash, filter the candidates out using an external script before piping them to hashcat, or see 2b.
2. The answer also depends on how you're generating candidate passwords:
2a. If you're using masks, you can create a list of masks that excludes the sequences you want to avoid - see https://hashcat.net/wiki/doku.php?id=mas...m_charsets
2b. If you're using wordlists or wordlists+rules, use -j/-k with a single rule to eliminate candidates - see https://hashcat.net/wiki/doku.php?id=rul...ect_plains), or see 1b.
But 2b is only feasible if your attack can handle only using a single rule.
1a. If it's a fast hash, it's usually not worth the time to perform the rejection. Start up the attacks with and without the rejection, and check the estimated completion time.
1b. If it's a slow hash, filter the candidates out using an external script before piping them to hashcat, or see 2b.
2. The answer also depends on how you're generating candidate passwords:
2a. If you're using masks, you can create a list of masks that excludes the sequences you want to avoid - see https://hashcat.net/wiki/doku.php?id=mas...m_charsets
2b. If you're using wordlists or wordlists+rules, use -j/-k with a single rule to eliminate candidates - see https://hashcat.net/wiki/doku.php?id=rul...ect_plains), or see 1b.
But 2b is only feasible if your attack can handle only using a single rule.
~