# Hashcat Word lists and Rules ## Recommended General Large Word lists

Word List	Link
AllInOne	https://weakpass.com/all-in-one
Rockyou2021	https://weakpass.com/wordlist/1943
Weakpass_3a	https://weakpass.com/wordlist/1948
Top2Billion-probable-v2	https://weakpass.com/wordlist/1858

## Recommended General Medium Word lists

Word List	Link
hk_hlm_founds	https://weakpass.com/wordlist/1256
RP4	https://weakpass.com/wordlist/914
Ignis	https://weakpass.com/wordlist/1935
Top29Million-probable-v2	https://weakpass.com/wordlist/1857
SkullSecurityComp	https://weakpass.com/wordlist/671

## Specific Word lists

Word List	Use case	Link
Kerberoast_pws	SPN cracking	https://gist.github.com/The-Viper-One/a1ee60d8b3607807cc387d794e809f0b
weakpass_3w	8-24 characters	https://weakpass.com/wordlist/1950
weakpass_3p	Contains only printable characters	https://weakpass.com/wordlist/1949

## Word list from cracked hashes Locate pot-file ``` find / -name hashcat.potfile 2> /dev/null ``` Place the cracked hash passwords into its own word list. ``` cat [PotFile] | sed 's/[^:]*://' > CrackedHashesWordlist.txt ``` ## Word list from website scraping ``` cewl [URL] -d 3 -m 5 --with-numbers | tee Wordlists/CewlWordList.txt ``` ## Recommended Rules #### NSA Rules Github: ``` git clone https://github.com/NSAKEY/nsa-rules.git ``` #### OneRuleToRuleThemAllStill An updated and improved variation of the popular OneRuleToRuleThemAll rule set. This updated rule set should provide the same effective crackrate as OneRule with a reduction in total cracking time. Blog Post: Github: ``` git clone https://github.com/stealthsploit/OneRuleToRuleThemStill.git ``` #### Unic0rn28 Hashcat Rules Github:

git clone https://github.com/Unic0rn28/hashcat-rules.git

## Brute Force Mask ```bash hashcat -m 13100 -O -a3 ?a?a?a?a?a?a?a?a --increment # Bruteforce all upto 8 characters ``` ## Reviewing cracked passwords Hashcat can display credentials in \[Username]:\[Password] format. Adjust the command below to match the correct method for the hashfile and the --outfile-format value to whichever looks best. For NTLM and Secretsdump the command below should work fine. ``` hashcat -m 1000 SecretsDump.txt --show --username --outfile-format 2 | sort ```

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://viperone.gitbook.io/pentest-everything/resources/hashcat-word-lists-and-rules.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.