Ecosystem · Password cracking
Hashcat
The de facto GPU password recovery tool. Hashcat was created by Jens “atom” Steube in 2009 and made fully open source (MIT) in 2015. Modern releases support 350+ hash modes, dispatch across CUDA / HIP / OpenCL backends, and reach throughputs that no other free tool approaches.
At a glance
| Author | Jens “atom” Steube and contributors |
|---|---|
| License | MIT (since 2015) |
| Backends | CUDA, HIP, OpenCL, Metal (macOS) |
| Project | hashcat.net/hashcat |
| Repository | github.com/hashcat/hashcat |
| Hash modes | 350+ (see --example-hashes or --help) |
Attack modes
-a | Name | What it does |
|---|---|---|
| 0 | Straight | Wordlist (optionally with rules) |
| 1 | Combinator | Wordlist1 × Wordlist2 |
| 3 | Brute-force / mask | Character-set masks like ?a?a?a?a |
| 6 | Hybrid 1 | Wordlist + mask suffix |
| 7 | Hybrid 2 | Mask prefix + wordlist |
| 9 | Association | Use known per-user information |
Common hash-mode numbers
Each algorithm gets a numeric ID via -m. A few you will see often:
-m | Algorithm |
|---|---|
| 0 | MD5 |
| 100 | SHA-1 |
| 1400 | SHA-256 |
| 1700 | SHA-512 |
| 1000 | NTLM |
| 3200 | bcrypt |
| 1800 | sha512crypt ($6$) |
| 13000 | RAR5 |
| 22000 | WPA-PBKDF2-PMKID+EAPOL |
| 20500 | Argon2i (legacy variant) |
Rule files
Hashcat’s rule files apply per-word mutations during wordlist attacks (capitalize, append digits, leetspeak, swap, duplicate, etc.). The canonical sets are rockyou-30000.rule, OneRuleToRuleThemAll.rule, and best64.rule. Rules are the single biggest determinant of practical crack rate after hash mode.
Throughput, for intuition
Order-of-magnitude figures on a single RTX 4090 (varies with version and driver):
- NTLM: ~280 GH/s , effectively unlimited candidates per second.
- MD5 / SHA-1: ~60-100 GH/s.
- SHA-256: ~10 GH/s.
- bcrypt (cost 5): ~150 KH/s , six orders of magnitude slower than NTLM. This is exactly what password-hashing functions are for.
- Argon2id (m=64 MiB, t=3): low hundreds of H/s. Why memory-hard functions defeat GPU brute-force.
Defensive use cases
- Password audits , export your org’s hashes, crack the weak ones, force resets.
- Policy evaluation , measure what fraction of compliance-grade passwords actually fall to common rules + wordlists.
- Hash storage validation , if Hashcat cracks too easily, your cost parameters are too low.
- Forensic recovery , recover access to legitimately-owned encrypted archives with forgotten passwords.
Cautions
- Cracking passwords requires authorization for whatever target you point Hashcat at. Even “publicly leaked” databases contain personal data; many jurisdictions treat possession or processing as illegal regardless of source.
- Hashcat numbers (
-m) sometimes change between major versions. Always read--example-hashesfirst. - For modern password storage (Argon2id with sensible cost), Hashcat throughput drops to single-digit hundreds of hashes per second. Crack times measured in months/years, not minutes.