Hashcat is the world’s fastest CPU-based password recovery tool.
While it’s not as fast as its GPU counterparts oclHashcat-plus and oclHashcat-lite, large lists can be easily split in half with a good dictionary and a bit of knowledge of the command switches.
Changelog v0.47
- added -m 123 = EPi
- added -m 1430 = sha256(unicode($pass).$salt)
- added -m 1440 = sha256($salt.unicode($pass))
- added -m 1441 = EPiServer 6.x >= v4
- added -m 1711 = SSHA-512(Base64), LDAP {SSHA512}
- added -m 1730 = sha512(unicode($pass).$salt)
- added -m 1740 = sha512($salt.unicode($pass))
- added -m 7400 = SHA-256(Unix)
- added -m 7600 = Redmine SHA1
- debug mode can now be used also together with -g, generate rule
- support added for using external salts together with mode 160 = HMAC-SHA1 (key = $salt)
- allow empty salt/key for HMAC algos
- allow variable rounds for hash modes 500, 1600, 1800, 3300, 7400 using rounds= specifier
- added –generate-rules-seed, sets seed used for randomization so rulesets can be reproduced
- added output-format type 8 (position:hash:plain)
- updated/added some hcchr charset files in /charsets, some new files: Bulgarian, Polish, Hungarian
- format output when using –show according to the –outfile-format option
- show mask length in status screen
- –disable-potfile in combination with –show or –left resulted in a crash, combination was disallowed
- Multi-Threaded
- Free
- Multi-Hash (up to 24 million hashes)
- Multi-OS (Linux, Windows and OSX native binaries)
- Multi-Algo (MD4, MD5, SHA1, DCC, NTLM, MySQL, …)
- SSE2, AVX and XOP accelerated
- All Attack-Modes except Brute-Force and Permutation can be extended by rules
- Very fast Rule-engine
- Rules compatible with JTR and PasswordsPro
- Possible to resume or limit session
- Automatically recognizes recovered hashes from outfile at startup
- Can automatically generate random rules
- Load saltlist from external file and then use them in a Brute-Force Attack variant
- Able to work in an distributed environment
- Specify multiple wordlists or multiple directories of wordlists
- Number of threads can be configured
- Threads run on lowest priority
- Supports hex-charset
- Supports hex-salt
- 90+ Algorithms implemented with performance in mind
- …and much more