Hashcat Cheat Sheet

Complete GPU Password Cracking Reference

GPU-accelerated • 300+ hash types • Attack modes • Rules

📅 Updated: December 2024 • ⏱️ 25 min read • 🔧 Hashcat 6.2+

What is Hashcat?

Hashcat is the world's fastest and most advanced password recovery utility, supporting more than 300 highly optimized hashing algorithms. It uses GPU acceleration to achieve billions of password attempts per second.

Hashcat comes pre-installed on Kali Linux. For other systems, download it from hashcat.net.

📦 Installation

Kali Linux

sudo apt install hashcat

Download Latest

# Download from hashcat.net
wget https://hashcat.net/files/hashcat-6.2.6.7z

Check GPU Support

hashcat -I

🎯 Basic Usage

hashcat [options] hashfile [wordlist|mask]

# Basic dictionary attack
hashcat -m 0 hashes.txt rockyou.txt

# Show cracked passwords
hashcat -m 0 hashes.txt --show

# List hash types (start of the "Hash modes" section of the help output)
hashcat --help | grep -i -A 20 "hash modes"

# Benchmark all hash types
hashcat -b

# Benchmark specific hash type
hashcat -b -m 1000

⚔️ Attack Modes (-a)

Mode    Name                    Description
-a 0    Dictionary              Try each word in wordlist
-a 1    Combinator              Combine words from two wordlists
-a 3    Brute-force (Mask)      Pattern-based brute force
-a 6    Hybrid Wordlist+Mask    Wordlist with mask appended
-a 7    Hybrid Mask+Wordlist    Mask with wordlist appended
-a 9    Association             Each hash paired with its own hint word (wordlist line N goes with hash N)

# Dictionary attack
hashcat -m 0 -a 0 hashes.txt rockyou.txt

# Combinator attack (word1+word2)
hashcat -m 0 -a 1 hashes.txt wordlist1.txt wordlist2.txt

# Mask/Brute-force attack
hashcat -m 0 -a 3 hashes.txt '?a?a?a?a?a?a'

# Hybrid: wordlist + 4 digits
hashcat -m 0 -a 6 hashes.txt wordlist.txt '?d?d?d?d'

# Hybrid: 2 digits + wordlist
hashcat -m 0 -a 7 hashes.txt '?d?d' wordlist.txt

🎭 Mask Characters

Placeholder    Character Set
?l             abcdefghijklmnopqrstuvwxyz
?u             ABCDEFGHIJKLMNOPQRSTUVWXYZ
?d             0123456789
?h             0123456789abcdef
?H             0123456789ABCDEF
?s             space and !"#$%&'()*+,-./:;<=>?@[\]^_`{|}~
?a             ?l?u?d?s (all printable ASCII)
?b             0x00 - 0xff (all bytes)

# 8 lowercase letters
hashcat -m 0 -a 3 hashes.txt '?l?l?l?l?l?l?l?l'

# Capital + 6 lowercase + digit
hashcat -m 0 -a 3 hashes.txt '?u?l?l?l?l?l?l?d'

# Company + 4 digits
hashcat -m 0 -a 3 hashes.txt 'Company?d?d?d?d'

# Custom charset: only use abc123
hashcat -m 0 -a 3 hashes.txt -1 abc123 '?1?1?1?1?1?1'

# Incrementing length (1-8 chars)
hashcat -m 0 -a 3 hashes.txt --increment --increment-min=1 --increment-max=8 '?a?a?a?a?a?a?a?a'
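
To judge how well a password policy holds up against the masks above, count the candidates each mask generates and check whether a given password falls inside it. The Python below is an added example, not part of the original cheat sheet or of hashcat; `parse_mask`, `keyspace`, `matches` and `hours_to_exhaust` are hypothetical helper names, custom charsets are assumed to be literal characters (as in `-1 abc123`), and `?b` is not handled.

```python
import math
import string

# Built-in charsets from the placeholder table (?s includes the space character).
BUILTIN = {
    "l": string.ascii_lowercase,
    "u": string.ascii_uppercase,
    "d": string.digits,
    "h": "0123456789abcdef",
    "H": "0123456789ABCDEF",
    "s": " " + string.punctuation,
}
BUILTIN["a"] = BUILTIN["l"] + BUILTIN["u"] + BUILTIN["d"] + BUILTIN["s"]

def parse_mask(mask, custom=None):
    """Return the set of allowed characters for each position of a mask."""
    charsets = {**BUILTIN, **(custom or {})}   # custom: {"1": "abc123"} for -1 abc123
    positions, i = [], 0
    while i < len(mask):
        if mask[i] != "?":
            positions.append({mask[i]})        # literal character
            i += 1
        elif mask[i + 1:i + 2] == "?":
            positions.append({"?"})            # '??' is a literal question mark
            i += 2
        elif mask[i + 1:i + 2] in charsets:
            positions.append(set(charsets[mask[i + 1]]))
            i += 2
        else:
            raise ValueError(f"bad placeholder at offset {i} in {mask!r}")
    return positions

def keyspace(mask, custom=None, increment=None):
    """Candidate count; increment=(min, max) sums the shorter prefixes like --increment."""
    sizes = [len(p) for p in parse_mask(mask, custom)]
    lo, hi = increment or (len(sizes), len(sizes))
    return sum(math.prod(sizes[:n]) for n in range(lo, min(hi, len(sizes)) + 1))

def matches(password, mask, custom=None):
    """True if the password is one of the candidates the mask would generate."""
    positions = parse_mask(mask, custom)
    return len(password) == len(positions) and all(
        c in allowed for c, allowed in zip(password, positions))

def hours_to_exhaust(mask, hashes_per_second, custom=None):
    """Worst-case hours to try the whole mask at a measured benchmark rate."""
    return keyspace(mask, custom) / hashes_per_second / 3600
```

The rate passed to `hours_to_exhaust` should come from `hashcat -b -m <mode>` on the hardware being modelled, since it differs by orders of magnitude between hash types.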

📋 Common Hash Types (-m)

Mode     Hash Type
0        MD5
100      SHA1
1400     SHA256
1700     SHA512
1000     NTLM
3000     LM
5600     NetNTLMv2
13100    Kerberos TGS-REP (etype 23)
18200    Kerberos AS-REP (etype 23)
500      md5crypt ($1$)
1800     sha512crypt ($6$)
3200     bcrypt ($2*$)
22000    WPA-PBKDF2-PMKID+EAPOL
2500     WPA/WPA2 (legacy hccapx format; deprecated in favor of 22000)

# List all hash modes
hashcat --help | grep -E '^\s+[0-9]'

# Search for specific hash type
hashcat --help | grep -i kerberos

📜 Rules

# Use built-in rules
hashcat -m 0 -a 0 hashes.txt rockyou.txt -r /usr/share/hashcat/rules/best64.rule

# Chain multiple rule files
hashcat -m 0 -a 0 hashes.txt rockyou.txt -r rule1.rule -r rule2.rule

# Generate random rules
hashcat -m 0 -a 0 hashes.txt rockyou.txt -g 1000

Popular Rule Files

best64.rule           Most effective 64 rules
rockyou-30000.rule    30K rules from rockyou analysis
d3ad0ne.rule          Comprehensive rule set
dive.rule             Large comprehensive set
toggles[1-5].rule     Case toggle rules (toggles1.rule through toggles5.rule)

⚡ Performance Options

Flag          Description
-w 1-4        Workload profile (1=low, 4=nightmare)
-O            Optimized kernels (faster, limits password length)
-d DEVICES    Select backend devices by ID (comma-separated)
-D TYPES      Device types (1=CPU, 2=GPU, 3=FPGA)
--force       Ignore warnings (can mask driver or runtime problems; avoid in normal use)

# Maximum performance
hashcat -m 0 -a 0 -w 4 -O hashes.txt rockyou.txt

# Use specific GPU
hashcat -m 0 -a 0 -d 1 hashes.txt rockyou.txt

# List devices
hashcat -I

💾 Session Management

# Name a session
hashcat -m 0 hashes.txt rockyou.txt --session=mycrack

# Restore session
hashcat --session=mycrack --restore

# Show cracked passwords
hashcat -m 0 hashes.txt --show

# Output to file
hashcat -m 0 hashes.txt rockyou.txt -o cracked.txt

# Output format (hash:password)
hashcat -m 0 hashes.txt rockyou.txt -o cracked.txt --outfile-format=1,2

🔥 Common Attack Scenarios

# Crack NTLM with wordlist
hashcat -m 1000 -a 0 ntlm.txt rockyou.txt

# Crack NTLM with rules
hashcat -m 1000 -a 0 ntlm.txt rockyou.txt -r /usr/share/hashcat/rules/best64.rule

# Kerberoast attack
hashcat -m 13100 -a 0 kerberos.txt rockyou.txt

# AS-REP Roasting
hashcat -m 18200 -a 0 asrep.txt rockyou.txt

# NetNTLMv2 (from Responder)
hashcat -m 5600 -a 0 netntlmv2.txt rockyou.txt

# WPA2 handshake
hashcat -m 22000 -a 0 capture.hc22000 rockyou.txt

# Linux shadow (SHA512)
hashcat -m 1800 -a 0 shadow.txt rockyou.txt

# MD5 with mask (8 chars: 4 lowercase letters + 4 digits)
hashcat -m 0 -a 3 hashes.txt '?l?l?l?l?d?d?d?d'

⚡ Hashcat Cheat Sheet Complete!

You now have a comprehensive reference for the world's fastest password cracker. From dictionary attacks to complex masks, these commands leverage GPU power to crack passwords at incredible speeds.

Ready to crack at maximum speed!
