hashcat - advanced password recovery

Download

Name	Version	Date	Download	Signature
hashcat binaries	v7.1.2	2025.08.23	Download	PGP
hashcat sources	v7.1.2	2025.08.23	Download	PGP

Signing key on PGP keyservers: RSA, 2048-bit. Key ID: 2048R/8A16544F. Fingerprint: A708 3322 9D04 0B41 99CC 0052 3C17 DA8B 8A16 544F

Check out our GitHub Repository for the latest development version

GPU Driver requirements:

AMD GPUs on Linux require "AMD Radeon Software for Linux" with "ROCm"
AMD GPUs on Windows require "AMD Adrenalin Edition" and "AMD HIP SDK"
Intel and AMD CPUs require "Intel CPU Runtime for OpenCL" or PoCL
Intel GPUs require "Intel Graphics Compute Runtime" aka NEO
NVIDIA GPUs require "NVIDIA CUDA Toolkit"

Features

World's fastest password cracker
World's first and only in-kernel rule engine
Free
Open-Source (MIT License)
Multi-OS (Linux, Windows and macOS)
Multi-Platform (CPU, GPU, APU, etc., everything that comes with an OpenCL runtime)
Multi-Hash (Cracking multiple hashes at the same time)
Multi-Devices (Utilizing multiple devices in same system)
Multi-Device-Types (Utilizing mixed device types in same system)
Supports password candidate brain functionality
Supports distributed cracking networks (using overlay)
Supports interactive pause / resume
Supports sessions
Supports restore
Supports reading password candidates from file and stdin
Supports hex-salt and hex-charset
Supports automatic performance tuning
Supports automatic keyspace ordering markov-chains
Built-in benchmarking system
Integrated thermal watchdog
450+ Hash-types implemented with performance in mind
... and much more

Screenshot

hashcat screenshot

Algorithms

MD4
MD5
MD6 (256)
SHA1
SHA2-224
SHA2-256
SHA2-384
SHA2-512
SHA3-224
SHA3-256
SHA3-384
SHA3-512
RIPEMD-160
RIPEMD-320
BLAKE2b-256
BLAKE2b-512
BLAKE2s-256
GOST R 34.11-2012 (Streebog) 256-bit, big-endian
GOST R 34.11-2012 (Streebog) 512-bit, big-endian
GOST R 34.11-94
Half MD5
Keccak-224
Keccak-256
Keccak-384
Keccak-512
ShangMi 3 (SM3)
Whirlpool
md5(utf16le($pass))
sha1(utf16le($pass))
sha256(utf16le($pass))
sha384(utf16le($pass))
sha512(utf16le($pass))
BLAKE2b-256($pass.$salt)
BLAKE2b-256($salt.$pass)
BLAKE2b-512($pass.$salt)
BLAKE2b-512($salt.$pass)
md5($pass.$salt)
md5($salt.$pass)
md5($salt.$pass.$salt)
md5($salt.md5($pass))
md5($salt.md5($pass).$salt)
md5($salt.md5($pass.$salt))
md5($salt.md5($salt.$pass))
md5($salt.sha1($salt.$pass))
md5($salt.utf16le($pass))
md5($salt1.$pass.$salt2)
md5($salt1.sha1($salt2.$pass))
md5($salt1.strtoupper(md5($salt2.$pass)))
md5(md5($pass))
md5(md5($pass).md5($salt))
md5(md5($pass.$salt))
md5(md5($salt).md5(md5($pass)))
md5(md5(md5($pass)))
md5(md5(md5($pass)).$salt)
md5(md5(md5($pass).$salt1).$salt2)
md5(md5(md5($pass.$salt1)).$salt2)
md5(sha1($pass))
md5(sha1($pass).$salt)
md5(sha1($pass).md5($pass).sha1($pass))
md5(sha1($pass.$salt))
md5(sha1($salt).md5($pass))
md5(sha1($salt.$pass))
md5(sha1(md5($pass)))
md5(strtoupper(md5($pass)))
md5(utf16le($pass).$salt)
sha1($pass.$salt)
sha1($salt.$pass)
sha1($salt.$pass.$salt)
sha1($salt.sha1($pass))
sha1($salt.sha1($pass.$salt))
sha1($salt.sha1(utf16le($username).':'.utf16le($pass)))
sha1($salt.utf16le($pass))
sha1($salt1.$pass.$salt2)
sha1(CX)
sha1(md5($pass))
sha1(md5($pass).$salt)
sha1(md5($pass.$salt))
sha1(md5(md5($pass)))
sha1(sha1($pass))
sha1(sha1($pass).$salt)
sha1(sha1($salt.$pass.$salt))
sha1(utf16le($pass).$salt)
sha224($pass.$salt)
sha224($salt.$pass)
sha224(sha1($pass))
sha224(sha224($pass))
sha256($pass.$salt)
sha256($salt.$pass)
sha256($salt.$pass.$salt)
sha256($salt.sha256($pass))
sha256($salt.sha256_bin($pass))
sha256($salt.utf16le($pass))
sha256(md5($pass))
sha256(sha256($pass).$salt)
sha256(sha256($pass.$salt))
sha256(sha256_bin($pass))
sha256(utf16le($pass).$salt)
sha384($pass.$salt)
sha384($salt.$pass)
sha384($salt.utf16le($pass))
sha384(utf16le($pass).$salt)
sha512($pass.$salt)
sha512($salt.$pass)
sha512($salt.utf16le($pass))
sha512(sha512($pass).$salt)
sha512(sha512_bin($pass).$salt)
sha512(utf16le($pass).$salt)
HMAC-BLAKE2S (key = $pass)
HMAC-MD5 (key = $pass)
HMAC-MD5 (key = $salt)
HMAC-RIPEMD160 (key = $pass)
HMAC-RIPEMD160 (key = $salt)
HMAC-RIPEMD320 (key = $pass)
HMAC-RIPEMD320 (key = $salt)
HMAC-SHA1 (key = $pass)
HMAC-SHA1 (key = $salt)
HMAC-SHA256 (key = $pass)
HMAC-SHA256 (key = $salt)
HMAC-SHA512 (key = $pass)
HMAC-SHA512 (key = $salt)
HMAC-Streebog-256 (key = $pass), big-endian
HMAC-Streebog-256 (key = $salt), big-endian
HMAC-Streebog-512 (key = $pass), big-endian
HMAC-Streebog-512 (key = $salt), big-endian
SipHash
CRC32
CRC32C
CRC64Jones
Java Object hashCode()
MurmurHash
MurmurHash3
MurmurHash64A
MurmurHash64A (zero seed)
MurmurHash64A truncated (zero seed)
RC4 104-bit DropN
RC4 40-bit DropN
RC4 72-bit DropN
3DES (PT = $salt, key = $pass)
DES (PT = $salt, key = $pass)
AES-128-ECB NOKDF (PT = $salt, key = $pass)
AES-192-ECB NOKDF (PT = $salt, key = $pass)
AES-256-ECB NOKDF (PT = $salt, key = $pass)
ChaCha20
Linux Kernel Crypto API (2.4)
Skip32 (PT = $salt, key = $pass)
PBKDF1-SHA1
PBKDF2-HMAC-MD5
PBKDF2-HMAC-SHA1
PBKDF2-HMAC-SHA256
PBKDF2-HMAC-SHA512
Argon2
bcrypt
bcrypt(HMAC-SHA256($pass))
bcrypt(md5($pass))
bcrypt(sha1($pass))
bcrypt(sha256($pass))
bcrypt(sha512($pass))
scrypt
phpass
TACACS+
DANE RFC7929/RFC8162 SHA2-256
SIP digest authentication (MD5)
IKE-PSK MD5
IKE-PSK SHA1
SNMPv3 HMAC-MD5-96
SNMPv3 HMAC-MD5-96/HMAC-SHA1-96
SNMPv3 HMAC-SHA1-96
SNMPv3 HMAC-SHA224-128
SNMPv3 HMAC-SHA256-192
SNMPv3 HMAC-SHA384-256
SNMPv3 HMAC-SHA512-384
WPA-EAPOL-PBKDF2
WPA-EAPOL-PMK
WPA-PBKDF2-PMKID+EAPOL
WPA-PMK-PMKID+EAPOL
WPA-PMKID-PBKDF2
WPA-PMKID-PMK
IPMI2 RAKP HMAC-MD5
IPMI2 RAKP HMAC-SHA1
CRAM-MD5
MS SNTP
JWT (JSON Web Token)
Kerberos 5, etype 17, TGS-REP
Kerberos 5, etype 17, Pre-Auth
Kerberos 5, etype 17, DB
Kerberos 5, etype 17, AS-REP
Kerberos 5, etype 18, TGS-REP
Kerberos 5, etype 18, Pre-Auth
Kerberos 5, etype 18, DB
Kerberos 5, etype 18, AS-REP
Kerberos 5, etype 23, AS-REQ Pre-Auth
Kerberos 5, etype 23, TGS-REP
Kerberos 5, etype 23, AS-REP
NetNTLMv1 / NetNTLMv1+ESS
NetNTLMv1 / NetNTLMv1+ESS (NT)
NetNTLMv2
NetNTLMv2 (NT)
Flask Session Cookie ($salt.$salt.$pass)
Amazon AWS Signature Version 4
iSCSI CHAP authentication, MD5(CHAP)
RACF
RACF KDFAES
AIX {smd5}
AIX {ssha1}
AIX {ssha256}
AIX {ssha512}
LM
QNX /etc/shadow (MD5)
QNX /etc/shadow (SHA256)
QNX /etc/shadow (SHA512)
QNX 7 /etc/shadow (SHA512)
DPAPI masterkey file v1 (context 1 and 2)
DPAPI masterkey file v1 (context 3)
DPAPI masterkey file v2 (context 1 and 2)
DPAPI masterkey file v2 (context 3)
GRUB 2
MS-AzureSync PBKDF2-HMAC-SHA256
AS/400 DES
AS/400 SSHA1
BSDi Crypt, Extended DES
NTLM
Radmin2
Samsung Android Password/PIN
Microsoft Online Account
Windows Hello PIN/Password
Windows Phone 8+ PIN/password
Cisco-ASA MD5
Cisco-IOS $8$ (PBKDF2-SHA256)
Cisco-IOS $9$ (scrypt)
Cisco-IOS type 4 (SHA256)
Cisco-ISE Hashed Password (SHA256)
Cisco-PIX MD5
Citrix NetScaler (PBKDF2-HMAC-SHA256)
Citrix NetScaler (SHA1)
Citrix NetScaler (SHA512)
Domain Cached Credentials, MS Cache
Domain Cached Credentials 2, MS Cache 2
Domain Cached Credentials, MS Cache (NT)
Domain Cached Credentials 2, MS Cache 2, (NT)
FortiGate (FortiOS)
FortiGate256 (FortiOS256)
ArubaOS
Juniper IVE
Juniper NetScreen/SSG (ScreenOS)
Juniper/NetBSD sha1crypt
iPhone passcode (UID key + System Keybag)
macOS v10.4, macOS v10.5, macOS v10.6
macOS v10.7
macOS v10.8+ (PBKDF2-SHA512)
bcrypt $2*$, Blowfish (Unix)
md5crypt, MD5 (Unix), Cisco-IOS $1$ (MD5)
descrypt, DES (Unix), Traditional DES
sha256crypt $5$, SHA256 (Unix)
sha512crypt $6$, SHA512 (Unix)
sm3crypt $sm3$, SM3 (Unix)
MSSQL (2000)
MSSQL (2005)
MSSQL (2012, 2014)
MongoDB ServerKey SCRAM-SHA-1
MongoDB ServerKey SCRAM-SHA-256
PostgreSQL
PostgreSQL CRAM (MD5)
PostgreSQL SCRAM-SHA-256
Oracle H: Type (Oracle 7+)
Oracle S: Type (Oracle 11+)
Oracle T: Type (Oracle 12+)
MySQL $A$ (sha256crypt)
MySQL CRAM (SHA1)
MySQL323
MySQL4.1/MySQL5
Sybase ASE
DNSSEC (NSEC3)
KNX IP Secure - Device Authentication Code
CRAM-MD5 Dovecot
SSHA-256(Base64), LDAP {SSHA256}
SSHA-512(Base64), LDAP {SSHA512}
Radmin3
Dahua Authentication MD5
RedHat 389-DS LDAP (PBKDF2-HMAC-SHA256)
Besder Authentication MD5
FileZilla Server >= 0.9.55
ColdFusion 10+
Apache $apr1$ MD5, md5apr1, MD5 (APR)
Episerver 6.x < .NET 4
Episerver 6.x >= .NET 4
hMailServer
nsldap, SHA-1(Base64), Netscape LDAP SHA
nsldaps, SSHA-1(Base64), Netscape LDAP SSHA
SAP CODVN B (BCODE)
SAP CODVN B (BCODE) from RFC_READ_TABLE
SAP CODVN F/G (PASSCODE)
SAP CODVN F/G (PASSCODE) from RFC_READ_TABLE
SAP CODVN H (PWDSALTEDHASH) iSSHA-1
SAP CODVN H (PWDSALTEDHASH) isSHA512
RSA Security Analytics / NetWitness (sha256)
Adobe AEM (SSPR, SHA-256 with Salt)
Adobe AEM (SSPR, SHA-512 with Salt)
PeopleSoft
PeopleSoft PS_TOKEN
NetIQ SSPR (MD5)
NetIQ SSPR (PBKDF2WithHmacSHA1)
NetIQ SSPR (PBKDF2WithHmacSHA256)
NetIQ SSPR (PBKDF2WithHmacSHA512)
NetIQ SSPR (SHA-1 with Salt)
NetIQ SSPR (SHA-256 with Salt)
NetIQ SSPR (SHA-512 with Salt)
NetIQ SSPR (SHA1)
SolarWinds Orion
SolarWinds Orion v2
SolarWinds Serv-U
Lotus Notes/Domino 5
Lotus Notes/Domino 6
Lotus Notes/Domino 8
OpenEdge Progress Encode
Oracle Transportation Management (SHA256)
Huawei sha1(md5($pass).$salt)
AuthMe sha256
AES Crypt (SHA256)
VMware VMX (PBKDF2-HMAC-SHA1 + AES-256-CBC)
LUKS
LUKS 2
VeraCrypt
BestCrypt v3 Volume Encryption
BestCrypt v4 Volume Encryption
FileVault 2
VirtualBox (PBKDF2-HMAC-SHA256 & AES-128-XTS)
VirtualBox (PBKDF2-HMAC-SHA256 & AES-256-XTS)
DiskCryptor
BitLocker
Android FDE (Samsung DEK)
Android FDE <= 4.3
Apple File System (APFS)
TrueCrypt
eCryptfs
PDF 1.1 - 1.3 (Acrobat 2 - 4)
PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #1
PDF 1.1 - 1.3 (Acrobat 2 - 4), collider #2
PDF 1.3 - 1.6 (Acrobat 4 - 8) w/ RC4-40
PDF 1.4 - 1.6 (Acrobat 5 - 8)
PDF 1.4 - 1.6 (Acrobat 5 - 8) - user and owner pass
PDF 1.7 Level 3 (Acrobat 9)
PDF 1.7 Level 8 (Acrobat 10 - 11)
MS Office 2007
MS Office 2010
MS Office 2013
MS Office 2016 - SheetProtection
MS Office <= 2003 $0/$1, MD5 + RC4
MS Office <= 2003 $0/$1, MD5 + RC4, collider #1
MS Office <= 2003 $0/$1, MD5 + RC4, collider #2
MS Office <= 2003 $3, SHA1 + RC4, collider #1
MS Office <= 2003 $3, SHA1 + RC4, collider #2
MS Office <= 2003 $3/$4, SHA1 + RC4
Open Document Format (ODF) 1.2 (SHA-256, AES)
Open Document Format (ODF) 1.1 (SHA-1, Blowfish)
Apple Secure Notes
Apple iWork
1Password, agilekeychain
1Password, cloudkeychain
1Password, mobilekeychain (1Password 8)
Password Safe v2
Password Safe v3
LastPass + LastPass sniffed
KeePass (KDBX v2/v3)
KeePass (KDBX v2/v3) - keyfile only
KeePass (KDBX v4)
Bitwarden
Ansible Vault
Mozilla key3.db
Mozilla key4.db
Apple Keychain
7-Zip
RAR3
RAR5
PKZIP
PKZIP Master Key
PKZIP Master Key (6 byte optimization)
SecureZIP AES-128
SecureZIP AES-192
SecureZIP AES-256
Veeam VBK
WinZip
Android Backup
Kremlin Encrypt 3.0 w/NewDES
Stuffit5
AxCrypt 1
AxCrypt 1 in-memory SHA1
AxCrypt 2 AES-128
AxCrypt 2 AES-256
iTunes backup < 10.0
iTunes backup >= 10.0
mega.nz password-protected link
WBB3 (Woltlab Burning Board)
WBB4 (Woltlab Burning Board) [bcrypt(bcrypt($pass))]
PHPS
SMF (Simple Machines Forum) > v1.1
MediaWiki B type
Redmine
Simpla CMS - md5($salt.$pass.md5($pass))
Umbraco HMAC-SHA1
Empire CMS (Admin password)
Joomla < 2.5.18
OpenCart
PrestaShop
Tripcode
Drupal7
CubeCart (whirlpool($salt.$pass.$salt))
PunBB
MyBB 1.2+, IPB2+ (Invision Power Board)
vBulletin < v3.8.5
vBulletin >= v3.8.5
osCommerce, xt:Commerce
TOTP (HMAC-SHA1)
Web2py pbkdf2-sha512
Perl Mojolicious session cookie
Django (PBKDF2-SHA256)
Django (SHA-1)
Apache Shiro 1 SHA-512
Atlassian (PBKDF2-HMAC-SHA1)
Ruby on Rails Restful-Authentication
Ruby on Rails Restful Auth (one round, no sitekey)
Python Werkzeug MD5 (HMAC-MD5 (key = $salt))
Python Werkzeug SHA256 (HMAC-SHA256 (key = $salt))
Python passlib pbkdf2-sha512
Python passlib pbkdf2-sha256
Python passlib pbkdf2-sha1
PKCS#8 Private Keys (PBKDF2-HMAC-SHA1 + 3DES/AES)
PKCS#8 Private Keys (PBKDF2-HMAC-SHA256 + 3DES/AES)
JKS Java Key Store Private Keys (SHA1)
GPG (AES-128/AES-256 (SHA-1($pass)))
GPG (AES-128/AES-256 (SHA-512($pass)))
GPG (AES-128/AES-256 (SHA-256($pass)))
GPG (CAST5 (SHA-1($pass)))
RSA/DSA/EC/OpenSSH Private Keys ($0$)
RSA/DSA/EC/OpenSSH Private Keys ($6$)
RSA/DSA/EC/OpenSSH Private Keys ($1, $3$)
RSA/DSA/EC/OpenSSH Private Keys ($4$)
RSA/DSA/EC/OpenSSH Private Keys ($5$)
XMPP SCRAM PBKDF2-SHA1
Teamspeak 3 (channel hash)
Telegram Desktop < v2.1.14 (PBKDF2-HMAC-SHA1)
Telegram Desktop >= v2.1.14 (PBKDF2-HMAC-SHA512)
Telegram Mobile App Passcode (SHA256)
Skype
Anope IRC Services (enc_sha256)
Terra Station Wallet (AES256-CBC(PBKDF2($pass)))
MetaMask Mobile Wallet
MetaMask Wallet (AES-GCM tag)
MetaMask Wallet (short hash, plaintext check)
Bisq .wallet (scrypt)
BitShares v0.x - sha512(sha512_bin(pass))
Bitcoin WIF private key (P2PKH), comp
Bitcoin WIF private key (P2PKH), uncomp
Bitcoin WIF private key (P2WPKH, Bech32), comp
Bitcoin WIF private key (P2WPKH, Bech32), uncomp
Bitcoin WIF private key (P2SH(P2WPKH)), comp
Bitcoin WIF private key (P2SH(P2WPKH)), uncomp
Bitcoin raw private key (P2PKH), comp
Bitcoin raw private key (P2PKH), uncomp
Bitcoin raw private key (P2WPKH, Bech32), comp
Bitcoin raw private key (P2WPKH, Bech32), uncomp
Bitcoin raw private key (P2SH(P2WPKH)), comp
Bitcoin raw private key (P2SH(P2WPKH)), uncomp
Bitcoin/Litecoin wallet.dat
Electrum Wallet (Salt-Type 1-3)
Electrum Wallet (Salt-Type 4)
Electrum Wallet (Salt-Type 5)
Blockchain, My Wallet
Blockchain, My Wallet, V2
Blockchain, My Wallet, Second Password (SHA256)
Blockchain, My Wallet, Legacy Wallets
Dogechain.info Wallet
Stargazer Stellar Wallet XLM
Ethereum Pre-Sale Wallet, PBKDF2-HMAC-SHA256
Ethereum Wallet, PBKDF2-HMAC-SHA256
Ethereum Wallet, SCRYPT
MultiBit Classic .key (MD5)
MultiBit Classic .wallet (scrypt)
MultiBit HD (scrypt)
Exodus Desktop Wallet (scrypt)
ENCsecurity Datavault (PBKDF2/no keychain)
ENCsecurity Datavault (PBKDF2/keychain)
ENCsecurity Datavault (MD5/no keychain)
ENCsecurity Datavault (MD5/keychain)
SQLCipher
SecureCRT MasterPassphrase v2

Attack-Modes

Straight ^*
Combination
Brute-force
Hybrid dict + mask
Hybrid mask + dict
Association ^*

^* accept Rules

Supported compute runtimes

AMD OpenCL
AMD ROCm
Apple OpenCL
Apple Metal
Intel OpenCL
NVidia OpenCL
NVidia CUDA
POCL OpenCL

Supported compute device types

Help

A detailed description of all commandline parameters is available by using

--help

. Next to that, the 7zip-package contains extensive documentation. Look for

examples.txt

. If you encounter a Bug, report it in the Forums where Fixes and Beta versions are announced as well.

If you still think you need help by a real human come to #hashcat on Libera.Chat IRC.