🔐 Hashcat Cheat Sheet
🔢 Hash Modes
| Hash Type | Mode | Command |
|---|
| MD5 | 0 | -m 0 |
| SHA1 | 100 | -m 100 |
| SHA256 | 1400 | -m 1400 |
| NTLM | 1000 | -m 1000 |
| bcrypt | 3200 | -m 3200 |
| WPA/WPA2 | 22000 | -m 22000 |
| Office 2013 | 9600 | -m 9600 |
| ZIP | 13600 | -m 13600 |
🧠 Basic Syntax
hashcat -m <mode> -a <attack-mode> <hashfile> <wordlist>
⚔️ Attack Modes
| Mode | Type | Example |
|---|
| 0 | Straight | Wordlist attack |
| 1 | Combination | Two wordlists |
| 3 | Brute-force | Masks e.g. ?a?a?a |
| 6 | Hybrid Wordlist + Mask | Append mask to wordlist |
| 7 | Hybrid Mask + Wordlist | Prepend mask to wordlist |
hashcat -m 0 -a 0 hashes.txt rockyou.txt
hashcat -m 1000 -a 3 hashes.txt ?a?a?a?a?a
🔤 Mask Attack Charset
| Symbol | Charset |
|---|
| ?l | Lowercase [a-z] |
| ?u | Uppercase [A-Z] |
| ?d | Digits [0-9] |
| ?s | Special chars |
| ?a | All of the above |
| ?b | All 8-bit chars |
hashcat -m 1000 -a 3 hashes.txt ?u?l?l?l?d?d
📜 Rule-Based Attack
hashcat -m 0 -a 0 -r rules/best64.rule hashes.txt rockyou.txt
📀 Output Management
--outfile=found.txt
--remove
--show
🚀 Performance Options
--force
--opencl-device-types 1,2
--backend-info
--benchmark
🚗 GPU Detection and Usage
# List all detected devices (NVIDIA, AMD, CPU)
hashcat -I
# Use specific device (e.g., only NVIDIA GPU)
hashcat -m 0 -a 0 hashes.txt rockyou.txt -d 1
# Use multiple devices
hashcat -m 0 -a 0 hashes.txt rockyou.txt -d 1,2
# Only allow GPU devices
hashcat --opencl-device-types 2
⏱️ Resume & Checkpoints
--session=myjob
--restore
--restore-disable
🔐 Sample Hash Formats
# NTLM
aad3b435b51404eeaad3b435b51404ee
# MD5
5d41402abc4b2a76b9719d911017c592
# WPA2 (hash mode 22000)
$HEX[...] (use hcxpcapngtool to convert .pcap)
0 Comments