🔐 Hashcat Cheat Sheet
🔢 Hash Modes
Hash Type | Mode | Command |
MD5 | 0 | -m 0 |
SHA1 | 100 | -m 100 |
SHA256 | 1400 | -m 1400 |
NTLM | 1000 | -m 1000 |
bcrypt | 3200 | -m 3200 |
WPA/WPA2 | 22000 | -m 22000 |
Office 2013 | 9600 | -m 9600 |
ZIP | 13600 | -m 13600 |
🧠 Basic Syntax
hashcat -m <mode> -a <attack-mode> <hashfile> <wordlist>
⚔️ Attack Modes
Mode | Type | Example |
0 | Straight | Wordlist attack |
1 | Combination | Two wordlists |
3 | Brute-force | Masks e.g. ?a?a?a |
6 | Hybrid Wordlist + Mask | Append mask to wordlist |
7 | Hybrid Mask + Wordlist | Prepend mask to wordlist |
hashcat -m 0 -a 0 hashes.txt rockyou.txt
hashcat -m 1000 -a 3 hashes.txt ?a?a?a?a?a
🔤 Mask Attack Charset
Symbol | Charset |
?l | Lowercase [a-z] |
?u | Uppercase [A-Z] |
?d | Digits [0-9] |
?s | Special chars |
?a | All of the above |
?b | All 8-bit chars |
hashcat -m 1000 -a 3 hashes.txt ?u?l?l?l?d?d
📜 Rule-Based Attack
hashcat -m 0 -a 0 -r rules/best64.rule hashes.txt rockyou.txt
📀 Output Management
--outfile=found.txt
--remove
--show
🚀 Performance Options
--force
--opencl-device-types 1,2
--backend-info
--benchmark
🚗 GPU Detection and Usage
# List all detected devices (NVIDIA, AMD, CPU)
hashcat -I
# Use specific device (e.g., only NVIDIA GPU)
hashcat -m 0 -a 0 hashes.txt rockyou.txt -d 1
# Use multiple devices
hashcat -m 0 -a 0 hashes.txt rockyou.txt -d 1,2
# Only allow GPU devices
hashcat --opencl-device-types 2
⏱️ Resume & Checkpoints
--session=myjob
--restore
--restore-disable
🔐 Sample Hash Formats
# NTLM
aad3b435b51404eeaad3b435b51404ee
# MD5
5d41402abc4b2a76b9719d911017c592
# WPA2 (hash mode 22000)
$HEX[...] (use hcxpcapngtool to convert .pcap)
0 Comments