Frequently asked questions
Source code
Hashcat suite
Beyond hashcat itself, there are other useful utilities from the same team, maintained in separate repositories.
hashcat - World's fastest and most advanced password recovery utility (
source)
-
maskprocessor - High-performance word generator with a per-position configurable charset (
source)
-
-
kwprocessor - Advanced keyboard-walk generator with configureable basechars, keymap and routes (
source)
Documentation for older hashcat versions like hashcat-legacy, oclHashcat, … can be found by using the Sitemap button.
Core attack modes
Dictionary attack - trying all words in a list; also called “straight” mode (attack mode 0,
-a 0
)
-
-
-
Association attack - use an username, a filename, a hint, or any other pieces of information which could have had an influence in the password generation to attack one specific hash (
-a 9
)
Other attacks
Rule-based attack - applying rules to words from wordlists; combines with wordlist-based attacks (attack modes 0, 6, and 7)
-
Most important wiki pages
* Strike-through = Outdated article
Patches, tips and tricks
* Strike-through = Outdated article
Howtos, Videos, Papers, Articles, etc. in the wild
If your hashcat article is not listed, tell us. We would love to link it here.
General guides
Hardware
Common issues
Specific attacks
Specific targets
Cloud and scale
Contests
hashcat-utils - many small utilities useful in advanced password cracking
hashcat's
test.pl - generate hashes from wordlists
hashgen - quickly generate some common hash types from wordlists
-
-
MDXfind - supports multiple iterations of many hash types (CPU only)
PACK - tools to analyze founds, generate masks that match policy, etc.
pack2 - split strings on character boundaries, filter by mask, generate stats, unhex HEX
rling - fast dedupe and sorting of large lists
RuleProcessorY - apply rules to wordlists - supports multibyte; slower than direct GPU rules
-
slider - get sliding window of substrings from a wordlist
Other