Hashcat Word lists and Rules

Recommended General Large Word lists

Word List

Link

AllInOne

https://weakpass.com/all-in-one

Rockyou2021

https://weakpass.com/wordlist/1943

Weakpass_3a

https://weakpass.com/wordlist/1948

Top2Billion-probable-v2

https://weakpass.com/wordlist/1858

Recommended General Medium Word lists

Word List

Link

hk_hlm_founds

https://weakpass.com/wordlist/1256

RP4

https://weakpass.com/wordlist/914

Ignis

https://weakpass.com/wordlist/1935

Top29Million-probable-v2

https://weakpass.com/wordlist/1857

SkullSecurityComp

https://weakpass.com/wordlist/671

Specific Word lists

Word List

Use case

Link

Kerberoast_pws

SPN cracking

https://gist.github.com/The-Viper-One/a1ee60d8b3607807cc387d794e809f0b

weakpass_3w

8-24 characters

https://weakpass.com/wordlist/1950

weakpass_3p

Contains only printable characters

https://weakpass.com/wordlist/1949

Word list from cracked hashes

Locate pot-file

find / -name hashcat.potfile 2> /dev/null

Place the cracked hash passwords into its own word list.

cat [PotFile] | sed 's/[^:]*://' > CrackedHashesWordlist.txt

Word list from website scraping

cewl [URL] -d 3 -m 5 --with-numbers | tee Wordlists/CewlWordList.txt

Recommended Rules

NSA Rules

Github: https://github.com/NSAKEY/nsa-rules

git clone https://github.com/NSAKEY/nsa-rules.git

OneRuleToRuleThemAllStill

An updated and improved variation of the popular OneRuleToRuleThemAll rule set. This updated rule set should provide the same effective crackrate as OneRule with a reduction in total cracking time.

Blog Post: https://in.security/2023/01/10/oneruletorulethemstill-new-and-improved/

Github: https://github.com/stealthsploit/OneRuleToRuleThemStill

git clone https://github.com/stealthsploit/OneRuleToRuleThemStill.git

Unic0rn28 Hashcat Rules

Github: https://github.com/Unic0rn28/hashcat-rules

git clone https://github.com/Unic0rn28/hashcat-rules.git

Brute Force Mask

hashcat -m 13100 -O -a3 ?a?a?a?a?a?a?a?a --increment # Bruteforce all upto 8 characters

Reviewing cracked passwords

Hashcat can display credentials in [Username]:[Password] format. Adjust the command below to match the correct method for the hashfile and the --outfile-format value to whichever looks best. For NTLM and Secretsdump the command below should work fine.

hashcat -m 1000 SecretsDump.txt --show --username --outfile-format 2 | sort

Last updated 2 years ago

hashtagRecommended General Large Word lists

hashtagRecommended General Medium Word lists

hashtagSpecific Word lists

hashtagWord list from cracked hashes

hashtagWord list from website scraping

hashtagRecommended Rules

hashtagNSA Rules

hashtagOneRuleToRuleThemAllStill

hashtagUnic0rn28 Hashcat Rules

hashtagBrute Force Mask

hashtagReviewing cracked passwords

Recommended General Large Word lists

Recommended General Medium Word lists

Specific Word lists

Word list from cracked hashes

Word list from website scraping

Recommended Rules

NSA Rules

OneRuleToRuleThemAllStill

Unic0rn28 Hashcat Rules

Brute Force Mask

Reviewing cracked passwords