Hashcat Cheat Sheet

Hashcat is a popular password cracking tool that supports various hashing algorithms and attack modes. Here’s a cheat sheet for Hashcat:

Hashcat Basics

Hashcat Help:

hashcat --help

Version Information:

hashcat --version

Hashcat Modes

MD5 Hash Cracking:

hashcat -m 0 hashes.txt wordlist.txt

SHA-256 Hash Cracking:

hashcat -m 1400 hashes.txt wordlist.txt

NTLM Hash Cracking:

hashcat -m 1000 hashes.txt wordlist.txt

Attack Modes

Dictionary Attack:

hashcat -m <hash_mode> -a 0 hashes.txt wordlist.txt

Brute-Force Attack:

hashcat -m <hash_mode> -a 3 hashes.txt ?a?a?a?a?a?a

Combination Attack:

hashcat -m <hash_mode> -a 1 hashes.txt wordlist1.txt wordlist2.txt

Mask Attack

Brute-Force with Known Characters:

hashcat -m <hash_mode> -a 3 hashes.txt ?l?l?l?l?d?d?d?d

Performance Tuning

Optimized Kernel for NVIDIA GPUs:

hashcat -I

Optimized Kernel for AMD GPUs:

hashcat -I --force

Benchmarking

Benchmark All Devices:

hashcat -b -w 4

Benchmark Specific Device:

hashcat -b -w 4 -d 1

Session Management

Resume Cracking Session:

hashcat --restore

Pause Cracking Session:

hashcat --pause

Advanced Options

Show Cracked Passwords:

hashcat --show

Generate Rule-Based Wordlist:

hashcat --stdout -r rules/best64.rule wordlist.txt > rule_wordlist.txt

Incremental Mode

Incremental Mode:

hashcat -m <hash_mode> -a 6 hashes.txt

Dictionary Management

Create Wordlist with Crunch:

crunch 8 12 -o wordlist.txt

Generate Wordlist with Combinator:

combinator wordlist1.txt wordlist2.txt > combined_wordlist.txt

Remember to replace <hash_mode> with the actual hash mode you are targeting (e.g., 0 for MD5, 1000 for NTLM). Additionally, customize the attack parameters, such as wordlists and mask patterns, based on your specific use case.

Always ensure that you have the legal right to use Hashcat and comply with ethical hacking and cybersecurity laws and guidelines.