Hashcat Word lists and Rules
Recommended General Large Word lists
AllInOne
Rockyou2021
Weakpass_3a
Top2Billion-probable-v2
Recommended General Medium Word lists
hk_hlm_founds
RP4
Ignis
Top29Million-probable-v2
SkullSecurityComp
Specific Word lists
Kerberoast_pws
SPN cracking
weakpass_3w
8-24 characters
weakpass_3p
Contains only printable characters
Word list from cracked hashes
Locate pot-file
Place the cracked hash passwords into its own word list.
Word list from website scraping
Recommended Rules
NSA Rules
OneRuleToRuleThemAllStill
An updated and improved variation of the popular OneRuleToRuleThemAll rule set. This updated rule set should provide the same effective crackrate as OneRule with a reduction in total cracking time.
Unic0rn28 Hashcat Rules
Brute Force Mask
Reviewing cracked passwords
Hashcat can display credentials in [Username]:[Password] format. Adjust the command below to match the correct method for the hashfile and the --outfile-format value to whichever looks best. For NTLM and Secretsdump the command below should work fine.
Last updated
Was this helpful?