Hashcat
Hashcat is a password recovery tool. It had a proprietary code base until 2015, but was then released as open source software. Versions are available for Linux, macOS, and Windows. Examples of hashcat-supported hashing algorithms are LM hashes, MD4, MD5, SHA-family and Unix Crypt formats as well as algorithms used in MySQL and Cisco PIX.
Hashcat has received publicity because it is partly based on flaws in other software discovered by its creator. An example was a flaw in 1Password's password manager hashing scheme. It has also been compared to similar software in a Usenix publication and been described on Ars Technica.
Variants
Previously, two variants of hashcat existed:- hashcat - CPU-based password recovery tool
- oclHashcat/cudaHashcat - GPU-accelerated tool
Many of the algorithms supported by hashcat-legacy can be cracked in a shorter time with the GPU-based hashcat. However, not all algorithms can be accelerated by GPUs. Bcrypt is an example of this. Due to factors such as data-dependent branching, serialization, and memory, oclHashcat/cudaHashcat weren't catchall replacements for hashcat-legacy.
hashcat-legacy is available for Linux, OSX and Windows.
hashcat is available for macOS, Windows, and Linux with GPU, CPU and generic OpenCL support which allows for FPGAs and other accelerator cards.
Sample output
hashcat starting
CUDA API
- Device #01: NVIDIA GeForce RTX 4090, 23687/24080 MB, 128MCU
- Device #02: NVIDIA GeForce RTX 4090, 23687/24080 MB, 128MCU
- Device #04: NVIDIA GeForce RTX 4090, skipped
- Device #05: NVIDIA GeForce RTX 4090, skipped
Maximum password length supported by kernel: 256
Minimum salt length supported by kernel: 0
Maximum salt length supported by kernel: 256
Hashes: 1 digests; 1 unique digests, 1 unique salts
Bitmaps: 16 bits, 65536 entries, 0x0000ffff mask, 262144 bytes, 5/13 rotates
Optimizers applied:
- Zero-Byte
- Single-Hash
- Single-Salt
- Brute-Force
- Slow-Hash-DimensionY-LOOP
Host memory allocated for this attack: 512 MB
$argon2id$v=19$m=65536,t=3,p=1$FBMjI4RJBhIykCgol1KEJA$2ky5GAdhT1kH4kIgPN/oERE3Taiy43vNN70a3HpiKQU:hashcat
Session..........: hashcat
Status...........: Cracked
Hash.Mode........: 34000
Hash.Target......: $argon2id$v=19$m=65536,t=3,p=1$FBMjI4RJBhIykCgol1KE...HpiKQU
Time.Started.....: Fri Aug 1 14:07:43 2025
Time.Estimated...: Fri Aug 1 14:07:57 2025
Kernel.Feature...: Pure Kernel
Guess.Mask.......: ?l?l?l?lcat
Guess.Queue......: 1/1
Speed.#01........: 1699 H/s @ Accel:354 Loops:1 Thr:32 Vec:1
Speed.#02........: 1696 H/s @ Accel:354 Loops:1 Thr:32 Vec:1
Speed.#*.........: 3395 H/s
Recovered........: 1/1 Digests, 1/1 Digests
Progress.........: 45666/456976
Rejected.........: 0/45666
Restore.Point....: 1062/17576
Restore.Sub.#01..: Salt:0 Amplifier:12-13 Iteration:11-12
Restore.Sub.#02..: Salt:0 Amplifier:12-13 Iteration:10-11
Candidate.Engine.: Device Generator
Candidates.#01...: htrecat -> hoelcat
Candidates.#02...: hepacat -> hbencat
Hardware.Mon.#01.: Temp: 53c Fan: 30% Util: 99% Core:2790MHz Mem:10251MHz Bus:16
Hardware.Mon.#02.: Temp: 51c Fan: 30% Util: 99% Core:2715MHz Mem:10251MHz Bus:8
Started: Fri Aug 1 14:07:35 2025
Stopped: Fri Aug 1 14:07:58 2025
Attack types
Hashcat offers multiple attack modes for obtaining effective and complex coverage over a hash's keyspace. These modes are:- Brute-force attack
- Combinator attack
- Dictionary attack
- Fingerprint attack
- Hybrid attack
- Mask attack
- Permutation attack
- Rule-based attack
- Table-Lookup attack
- Toggle-Case attack
- PRINCE attack