The only tool you need for password cracking
Use Cases and Deployment Scope
Hashcat is one of those go-to tools for password cracking for pen testers and red teamers. GPU support makes it faster than other projects like John the Ripper. It supports every hash format I've run into, so no need to try and bring in other tools. It's an unofficial release, but I like some of the GUIs that people make for it when I don't feel like using the command line.
Pros
- GPU accelerated password cracking
- Rule based attacks
- Supports all the hash formats
Cons
- When drivers for your GPU aren't working it can be very frustrating to get started
- Some 3rd party GUI exists for Hashcat, but having an official one could be nice
Most Important Features
- Speed
- Rules that can be applied to dictionary attacks
- Can handle many hash formats
Return on Investment
- Hashcat is a free tool
- It can be used to test password policies
- Great tool for penetration testers doing offline password attacks
Other Software Used
John the Ripper