Hashcat
Hashcat is a free and open-source password recovery utility designed to crack hashed passwords using advanced computational methods, particularly leveraging GPU acceleration for unparalleled speed and efficiency.[1] It serves primarily as a tool for security professionals, penetration testers, and researchers to assess password strength by attempting to recover plaintext passwords from their cryptographic hash representations.[2] Renowned as the world's fastest password cracker, Hashcat supports over 450 highly optimized hashing algorithms, including common ones like MD5, SHA-1, and bcrypt, as well as specialized formats from applications such as KeePass and WPA2.[1][3] Originally developed by Jens Steube, known online as "atom," Hashcat traces its roots to 2009 when it was first released as a CPU-based tool to address limitations in existing crackers like John the Ripper, particularly in multi-threading for dictionary attacks.[4] It evolved through separate iterations—a CPU-focused version called hashcat-legacy and a GPU-accelerated variant named oclHashcat—before being unified into a single, versatile framework.[2] The project remained proprietary until December 2015, when Steube open-sourced it under the MIT license, enabling widespread community contributions and rapid advancements.[5] This transition marked a pivotal moment, transforming Hashcat into a collaborative effort hosted on GitHub, with ongoing development led by Steube and reviewed by a board of contributors.[3] As of August 2025, the tool has reached version 7.1.2, incorporating bug fixes, new hash modes like Argon2 for KeePass, and enhanced performance tuning.[1] At its core, Hashcat employs six distinct attack modes to generate password candidates: Straight (dictionary-based), Combination (merging multiple wordlists), Brute-force (mask attacks), Hybrid Wordlist + Mask, Hybrid Mask + Wordlist, and Association.[2] Rules can be applied to dictionary-based modes (including hybrids) for dynamic transformations of candidates. A standout innovation is its in-kernel rule engine—the first of its kind—which allows for dynamic modification of candidate passwords directly within the GPU kernel, enabling complex transformations without excessive CPU overhead.[1] The software is cross-platform, running on Linux, Windows, and macOS, and compatible with various hardware including CPUs, NVIDIA GPUs via CUDA, AMD GPUs via ROCm or OpenCL, and even distributed setups across multiple devices.[1] Additional capabilities include benchmarking for performance evaluation, multi-hash processing to crack batches of hashes simultaneously, and integration with external tools for rule generation, making it indispensable for forensic analysis and security auditing.[2]History
Origins and Early Development
Hashcat originated as a hobby project developed by Jens 'atom' Steube, a German information security researcher with a background in bug hunting and vulnerability discovery. Steube, who had identified numerous exploitable flaws in software during his early career, began working on the tool to address limitations in existing password cracking utilities, particularly their inefficient use of multi-core CPUs. Initially named "atomcrack," the project focused on creating a fast, multi-threaded cracker for UNIX-like systems, emphasizing dictionary-based attacks optimized for modern processors.[6][7] The first official release, version 0.30, arrived on December 24, 2009, marking the tool's rebranding to "hashcat" and its public debut as a CPU-based password recovery utility. This version introduced support for basic hashing algorithms such as MD5, leveraging SSE2 assembly instructions for accelerated performance on Intel and AMD processors, and prioritized straightforward dictionary attacks without GPU involvement. Early iterations remained proprietary, distributed as closed-source binaries, which limited community contributions but allowed Steube to refine core functionalities iteratively.[6] Steube's expertise extended beyond tool development; in 2012, he contributed to malware analysis by creating GaussCrack, a specialized cracker to decrypt encrypted data blocks in the Gauss malware, aiding researchers at Kaspersky Lab in understanding the sophisticated cyber-espionage tool. This effort highlighted his practical application of cracking techniques to real-world security challenges. A notable update came with version 0.40 in August 2012, which expanded platform compatibility by adding official binaries for Mac OS X while maintaining the CPU-centric approach and support for algorithms like MD5 and SHA-1. Throughout its early years, hashcat's proprietary status persisted until its transition to open-source in 2015.[8][9][6]Open-Sourcing and Major Releases
Hashcat was released as open-source software under the MIT license in December 2015 by its primary developer Jens "atom" Steube, in collaboration with co-developer Gabriele "matrix" Gristina, marking a significant shift from its earlier proprietary status and enabling broader community contributions.[5][10] In June 2016, the project underwent a major unification with the release of version 3.00, merging the original CPU-based hashcat with the GPU-accelerated variants oclHashcat (for OpenCL) and cudaHashcat (for CUDA) into a single, streamlined tool under the hashcat name.[11] This consolidation eliminated the need for separate maintenance of parallel codebases, allowing developers to implement hash modes and features once for all supported hardware backends, and it laid the foundation for enhanced cross-platform compatibility. The project continued to evolve through incremental updates, with version 6.2.6 released in September 2022 as a key pre-2025 milestone that incorporated ongoing refinements, including support for emerging hardware like Apple's Metal API and additional hash modes.[1] Development remained active via the official GitHub repository, fostering contributions from a growing community of over 100 developers by the mid-2020s. A landmark update arrived with version 7.0.0 on August 1, 2025, following more than two years of intensive development that involved over 900,000 lines of code changes and input from 105 contributors, including 74 first-time participants.[12] This release introduced hash-mode autodetection for simplified usage, official Docker support for containerized deployments, and new built-in tools for hash extraction from various file formats, significantly expanding the tool's accessibility and integration capabilities.[13][14] Subsequent maintenance releases quickly followed to address stability and usability: version 7.1.0 on August 16, 2025, added support for additional algorithms like LUKS2 and KeePass KDBX v4 while fixing Python Bridge integration issues; version 7.1.1 on August 17, 2025, resolved multi-hash processing bugs in those new modes; and version 7.1.2 on August 23, 2025, restored compatibility for status views and introduced a Rust bridge plugin for further extensibility.[15][1] These patches exemplified the project's commitment to rapid iteration, with all updates hosted on GitHub for transparent, community-driven progress.[3]Technical Features
Supported Hashing Algorithms
Hashcat supports over 450 optimized hashing algorithms, enabling comprehensive password recovery across a wide range of systems and applications.[16] This extensive coverage includes legacy formats, modern cryptographic primitives, and specialized hashes from databases, network protocols, and operating systems, making it a versatile tool for security professionals and researchers.[12] The algorithms are categorized by type for clarity in usage. Raw hash algorithms form the foundation, encompassing direct cryptographic functions such as MD5 (mode 0), MD4 (mode 900), SHA-1 (mode 100), the SHA-2 family including SHA-256 (mode 1400) and SHA-512 (mode 1700), and SHA-3 variants.[16] Database-specific hashes target common storage mechanisms, like MySQL 3.23 (mode 200), MySQL 4.1/5 (mode 300), PostgreSQL MD5 (mode 11100), and Cisco PIX/ASA/IOS (mode 5700).[17] Unix and Linux password hashes include traditional formats such as LM hashes (mode 3000), Unix Crypt (mode 500), SHA-256crypt (mode 7400), and SHA-512crypt (mode 1800).[16] Network protocol hashes cover authentication mechanisms like Kerberos 5 (mode 13100), HTTP Digest Access Authentication (mode 11400), and NetNTLMv1 (mode 5500).[17] Modern and memory-hard algorithms are also supported, though some with inherent limitations due to their design for resistance against brute-force attacks. These include bcrypt (mode 3200), scrypt implementations, and Argon2 variants, which prioritize computational intensity over speed.[12] In version 7.0.0, released in 2025, Hashcat introduced enhancements to several algorithms, including improved scrypt support with up to 320% performance gains and optimized NetNTLMv2 handling with 223% faster cracking on Intel hardware.[12] Additionally, 58 new application-specific hash types were added, such as those for MetaMask, Microsoft Online Accounts, SNMPv3, GPG, OpenSSH, and LUKS2, expanding coverage to contemporary software and protocols.[12] Hashcat employs a hash-mode numbering system to specify algorithms via the -m flag, where each unique mode corresponds to a particular hash format or construction—for instance, -m 0 for raw MD5 or -m 13100 for Kerberos 5 AS-REQ Pre-Auth etype 23.[16] Starting with version 7.0.0, an autodetection feature allows users to omit the -m flag entirely; Hashcat automatically identifies the hash type from input files, or the --identify option can list possible modes for ambiguous cases, streamlining workflows without manual specification.[12] This system ensures precise targeting in various attack modes, such as straight brute-force or dictionary attacks.Attack Modes and Rule Engine
Hashcat employs six primary attack modes to generate password candidates for cracking hashed passwords, each tailored to different strategies for balancing coverage and computational efficiency. The straight attack mode, also known as dictionary attack (mode 0), directly uses words from a single wordlist as candidates, making it suitable for common passwords or phrases found in dictionaries.[2] The combination attack mode (mode 1) concatenates words from two separate wordlists to form candidates, such as pairing usernames with common suffixes, which expands the search space combinatorially without exhaustive enumeration.[2] The brute-force or mask attack mode (mode 3) systematically generates candidates based on a user-defined mask that specifies character sets and positions, for instance,?l?l?l?l to target four lowercase letters (a-z), allowing precise control over the keyspace.[18] Hybrid wordlist + mask attack (mode 6) appends a mask to each word from a dictionary, enabling variations like adding digits to base words (e.g., "password" becomes "password1" through "password9").[2] Conversely, hybrid mask + wordlist attack (mode 7) prepends a mask to dictionary words, useful for patterns like numeric prefixes followed by names.[2] The association attack mode (mode 9), also known as permutation attack, generates all possible permutations of words from one or more wordlists, suitable for cracking passwords that are rearrangements of known word sets.[2]
For scenarios involving complex character sets, mask attacks are recommended over pure brute-force approaches due to their ability to reduce the keyspace significantly by focusing on likely patterns, such as names followed by years, thereby improving efficiency without sacrificing thoroughness.[18] In hybrid modes, the combinatorics arise from the product of the wordlist size and the mask's possibilities; for example, a 10,000-word dictionary combined with a mask like ?d (one digit) yields 90,000 candidates, allowing targeted expansion of known password bases.[2]
Central to Hashcat's flexibility is its in-kernel rule engine, the world's first implementation that processes transformation rules directly on the GPU or CPU kernel for maximal speed, generating billions of modified candidates per second to keep hardware fully utilized.[1] This engine applies rules to base words from wordlists in straight, hybrid, or association modes, supporting operations like toggling case at specific positions (e.g., ^ to uppercase the first letter), appending symbols or digits (e.g., $ followed by a character), and prepending elements, all without transferring data back to the host CPU.[19] Rule files, such as rules/best64.rule, contain thousands of predefined transformations derived from real-world password patterns, which can be loaded via the -r option and combined multiplicatively across multiple files to amplify candidate diversity while maintaining performance.[19]
Performance and Optimization
Hardware Acceleration
Hashcat primarily leverages hardware acceleration through the OpenCL framework to enable cross-platform support for GPUs from NVIDIA, AMD, and Intel, allowing parallel execution of hash computations on diverse accelerator hardware.[2] This approach replaced earlier proprietary backends, with CUDA support for NVIDIA GPUs initially deprecated following the 2016 merger of the CPU-based hashcat and OpenCL-based oclHashcat projects, though CUDA was reintroduced in version 6.0.0 (2020) for enhanced performance on compatible devices. The unified architecture ensures compatibility across vendors while prioritizing GPU cores for intensive workloads.[1] At its core, Hashcat employs kernel-based computation, where custom OpenCL kernels handle hash verification and candidate generation in parallel across thousands of GPU cores. This model is particularly suited to embarrassingly parallel tasks, such as evaluating multiple password candidates against a single hash, distributing the workload efficiently to maximize throughput without inter-core dependencies.[2] For systems lacking suitable GPU hardware, Hashcat falls back to CPU processing via OpenCL runtimes.[6] GPUs excel in accelerating fast, compute-bound hashes like MD5, achieving rates up to billions of hashes per second on modern cards due to their high parallelism.[2] To utilize hardware acceleration, Hashcat requires an OpenCL 1.2 or higher runtime, along with vendor-specific drivers such as the NVIDIA CUDA Toolkit for NVIDIA GPUs, AMD ROCm or Radeon Software for AMD, and Intel Graphics Compute Runtime for Intel integrated graphics.[1] High-throughput examples include the NVIDIA GeForce RTX 4090, which supports extensive VRAM (up to 24 GB) and delivers superior performance for large-scale cracking sessions.[2] However, limitations arise with memory-hard algorithms like bcrypt, which demand significant per-thread memory (at least 4 KB during key setup), constraining GPU efficiency due to limited on-core cache and shared memory bandwidth compared to CPUs.[20] In such cases, GPU acceleration yields lower relative speeds, often making CPU fallback preferable for optimal resource utilization.[2]Benchmarking and Speed Improvements
Hashcat's benchmark mode, activated via the-b option, executes standardized performance tests across supported hash modes on available devices, measuring computational throughput in hashes per second (H/s) without processing actual password candidates. This mode evaluates device capabilities under default parameters, providing a baseline for comparing hardware efficiency and software optimizations. It supports selective testing of specific algorithms via the -m flag or comprehensive runs with --benchmark-all, ensuring reproducible results for diagnostics and tuning.[2]
The output from benchmark mode includes detailed device information, such as hardware identifiers and driver versions, followed by per-algorithm speed metrics aggregated across devices (e.g., "Speed.#*: 3395 H/s") and individual device contributions (e.g., "Speed.#01: 1699 H/s"). Parameters like acceleration factor, loop counts, thread allocation, and vector width are displayed alongside each result, concluding with the total runtime of the test session. This format facilitates analysis of resource utilization and scalability in multi-device environments.[2][21]
Representative benchmarks on high-end GPUs demonstrate substantial throughput; for instance, MD5 achieves approximately 163 GH/s on an NVIDIA RTX 4090 using hashcat v7.0.0 under optimized kernels. Performance varies by algorithm complexity and hardware, with faster hashes like MD5 benefiting most from GPU parallelism, while slower ones like scrypt show gains through targeted optimizations.[22]
Several factors influence benchmark speeds, including the number of active devices for parallel scaling, overclocking to elevate clock rates beyond stock settings, and rule complexity in hybrid attack simulations that increase computational overhead. For unstable hardware configurations, the --force option bypasses safety checks to enable testing, though it risks system instability or reduced accuracy.[21]
Historically, early hashcat versions operated exclusively on CPUs, limiting speeds to megahashes per second for simple algorithms due to sequential processing constraints. The transition to GPU-optimized kernels via integration of oclHashcat components marked a pivotal shift, enabling gigahashes or higher on modern accelerators through massive parallelism. In v7.0.0, extensive refactoring yielded significant boosts, such as +320% for scrypt and +223% for NetNTLMv2 on Intel CPUs, driven by improved autotuning, memory management, and backend updates that reduced overhead and enhanced kernel efficiency.[2][12]
Usage
Installation and Setup
Hashcat can be acquired by downloading the latest release binaries from the official website at hashcat.net or the GitHub repository at github.com/hashcat/hashcat, with version 7.1.2 providing precompiled executables for Linux, Windows, and macOS in a single 7z archive.[1][3] Unpack the archive using 7z x to preserve file paths and directory structure.[3] On Linux systems, particularly Debian-based distributions like Ubuntu, Hashcat is available through the package manager by runningsudo apt update && sudo apt install hashcat, which installs the tool along with necessary dependencies.[23] Alternatively, to compile from source for custom configurations or the absolute latest features, clone the repository with git clone https://github.com/hashcat/hashcat.git, navigate to the directory, and execute make followed by sudo make install; this process requires OpenCL runtime and development libraries, such as those from the ocl-icd-opencl-dev package on Debian systems, to enable GPU acceleration.[24][3]
For Windows, extract the downloaded 7z archive to a directory of choice, then add the bin subdirectory to the system PATH environment variable for command-line access; additionally, install the Microsoft Visual C++ Redistributable (version 2015 or later) and appropriate GPU drivers, such as the NVIDIA CUDA Toolkit for NVIDIA cards or AMD Software for AMD GPUs.[1][3]
On macOS, the simplest method is using Homebrew by first ensuring it is installed and then running brew install hashcat, which handles dependencies automatically.[25] Compiling from source follows the same steps as Linux—cloning the repository and running make—but note that CUDA support is deprecated on macOS due to Apple's discontinuation of NVIDIA driver updates, so rely on OpenCL for GPU acceleration with AMD or Intel hardware.[24][1]
After installation on any platform, verify the setup by running hashcat --version to confirm the installed version and hashcat --benchmark to test hardware detection and baseline performance; use hashcat --help to review available command-line options and ensure proper configuration.[2] Since version 7.0.0, Hashcat also supports Docker for containerized setups via official images.[1]
Command-Line Examples
Hashcat's command-line interface follows a general syntax ofhashcat [options] <hashfile> <wordlist|mask|directory>, where key options include -m <num> to specify the hash mode (e.g., 0 for MD5) and -a <num> to select the attack mode (e.g., 0 for straight dictionary attack).[2]
A basic straight attack uses a dictionary file to test plaintext candidates against the provided hashes. For instance, to crack an MD5 hash from a file named example.md5 using the RockYou wordlist, the command is hashcat -m 0 -a 0 example.md5 rockyou.txt. During execution, Hashcat displays session information such as the hash mode and attack type, followed by a progress bar (e.g., [0/1 @ Pos 0, 1/100%]), real-time recovery speed in hashes per second (e.g., Speed.#*.........: 15.9 GH/s), and an estimated time of arrival (ETA) for completion. If successful, the output includes status updates like "Status: Cracked" and records the result in the default potfile or a specified outfile with the format hash:plaintext (e.g., 8743b52063cd84097a65d1633f5c74f5:[hashcat](/page/Hash)).[2][17][26]
For brute-force attacks, Hashcat employs masks to define the character set and length of candidates, using placeholders like ?l for lowercase letters (a-z), ?u for uppercase (A-Z), ?d for digits (0-9), and ?a for all 95 printable ASCII characters. An example mask attack on an MD5 hash might use hashcat -m 0 -a 3 example.md5 ?a?a?a?a?a, attempting all combinations of 5 characters from the ?a set (resulting in a keyspace of 95^5 ≈ 7.7 billion possibilities). Progress is shown incrementally, starting from the rightmost position (e.g., first trying candidates like aaaaa, then aaaab), with ongoing displays of the current position, speed, and ETA; upon cracking, it outputs "Recovered......: examplepass" alongside the full hash:plaintext pair.[18][2][26]
Hybrid attacks combine dictionary words with masks to extend candidates efficiently. A common hybrid wordlist-plus-mask example appends two digits to each word in a dictionary: hashcat -m 0 -a 6 rockyou.txt ?d?d example.[md5](/page/MD5), which tests entries like "password00" to "password99". The tool processes the wordlist sequentially, applying the mask to each base word, and provides the same runtime feedback including progress bars, rejection rates for invalid candidates, and speed metrics; cracked results appear as "Recovered......: password123" with the corresponding hash details saved to the output file.[2][17][26]
Variants
Legacy and GPU Versions
Hashcat originated with distinct variants tailored to different hardware capabilities. The CPU-based version, initially released as v0.30 on December 24, 2009, focused on multi-threaded dictionary attacks and rule-based cracking using SSE2 assembler, evolving through versions up to 2.00 before being rebranded as hashcat-legacy.[6] Parallel to this, GPU-accelerated editions emerged: oclHashcat, which leveraged OpenCL for AMD, Intel, and NVIDIA GPUs, with its first unified release as v1.00 on December 6, 2013, fusing prior oclHashcat-plus and oclHashcat-lite suites; and cudaHashcat, a proprietary NVIDIA-specific tool using the CUDA framework for optimized parallel hash cracking on NVIDIA hardware.[27][28] These pre-merger variants required separate binaries, with the CPU edition being notably slower for parallelizable hashing tasks compared to GPU counterparts, while oclHashcat targeted broader OpenCL-compatible environments, particularly AMD and Intel GPUs.[2] Hashcat-legacy remains available for CPU-only setups lacking OpenCL support, maintained primarily for legacy environments with its last major update in version 2.00 on December 4, 2015, offering fewer algorithms and features than contemporary releases, such as limited attack modes and no native GPU integration.[6][29] It supports core functionalities like dictionary and brute-force attacks but omits modern optimizations and newer hash types added post-merger.[30] The release of hashcat v3.00 on June 29, 2016, marked a pivotal unification, merging the CPU-based hashcat-legacy and oclHashcat into a single binary that handles both CPU and GPU processing via OpenCL, enabling parallel use of diverse devices like GPUs, CPUs, and APUs without separate installations.[11][2] This consolidation simplified deployment by reducing dependencies, such as eliminating the need for dedicated AMD-APP-SDK or NV-CUDA-SDK, and introduced options for multi-platform OpenCL selection.[11] As part of this shift, CUDA support from cudaHashcat was deprecated in favor of NVIDIA's OpenCL runtime for universality across vendors, though it resulted in minor performance trade-offs on pre-Maxwell NVIDIA GPUs due to less optimized OpenCL implementations at the time.[11] Hashcat-legacy persists as an optional fallback for non-OpenCL systems, but the unified version has become the standard.[2]Platform Compatibility
Hashcat provides full support for Linux distributions, including Ubuntu where it can be installed via the APT package manager, Windows 10 and 11 through native executable binaries, and current macOS versions, including Sonoma, Sequoia, and Tahoe, with native GPU acceleration via Metal on Apple Silicon hardware (since version 7.0.0).[1][3][31][12] The tool relies on the OpenCL runtime for GPU acceleration, which users must install separately via vendor-specific drivers such as the NVIDIA CUDA Toolkit for legacy compatibility, AMD ROCm on Linux, AMD HIP SDK on Windows, or Intel oneAPI for CPU-based OpenCL support; once installed, no internet connection is required for operation.[1][12] For cross-platform development and custom setups, Hashcat can be built from source by cloning the GitHub repository and using themake command on Linux and macOS, while Windows requires additional tools like Visual Studio; starting with version 7.0.0 (August 2025), an official Docker image enhances portability across Linux and Windows environments without needing native compilation.[24][12][32]
On macOS, following NVIDIA's deprecation of CUDA support in 2019, Hashcat depends entirely on OpenCL and native Metal APIs for GPU utilization, particularly on Apple Silicon chips like M1 and later models, with major speed improvements introduced in version 7.0.0.[33][12] Users on Windows can leverage WSL2 to run a Linux-like environment, enabling CUDA and OpenCL passthrough for GPU tasks within Ubuntu or similar distributions.[34]
Pre-compiled binaries for all supported platforms are available directly from the official GitHub releases and the hashcat.net download page, accompanied by hashcat-utils—a separate package of standalone auxiliary tools for tasks like wordlist generation and format conversion.[15][1][35]