home.social

#hashcracking — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #hashcracking, aggregated by home.social.

  1. Spider v1.0.0 released.

    Spider is not just another web crawler -- it is a purpose-built wordlist and ngram processor for hash cracking workflows.

    URL Mode:
    Point it at a URL and Spider crawls the target, extracts words, and generates frequency-sorted wordlists and/or ngrams.

    But, Spider does not stop at web crawling...

    File Mode:
    Feed it local files and it brings the same word-processing engine to your own datasets, scraped content, notes, dumps, configs, or any other plaintext source you want to turn into a targeted wordlist or ngram set.

    More info:
    forum.hashpwn.net/post/52

    #spider #webcrawler #wordlist #generator #sort #ngram #cyclone #hashpwn #hashcracking

  2. Spider v1.0.0 released.

    Spider is not just another web crawler -- it is a purpose-built wordlist and ngram processor for hash cracking workflows.

    URL Mode:
    Point it at a URL and Spider crawls the target, extracts words, and generates frequency-sorted wordlists and/or ngrams.

    But, Spider does not stop at web crawling...

    File Mode:
    Feed it local files and it brings the same word-processing engine to your own datasets, scraped content, notes, dumps, configs, or any other plaintext source you want to turn into a targeted wordlist or ngram set.

    More info:
    forum.hashpwn.net/post/52

    #spider #webcrawler #wordlist #generator #sort #ngram #cyclone #hashpwn #hashcracking

  3. Spider v1.0.0 released.

    Spider is not just another web crawler -- it is a purpose-built wordlist and ngram processor for hash cracking workflows.

    URL Mode:
    Point it at a URL and Spider crawls the target, extracts words, and generates frequency-sorted wordlists and/or ngrams.

    But, Spider does not stop at web crawling...

    File Mode:
    Feed it local files and it brings the same word-processing engine to your own datasets, scraped content, notes, dumps, configs, or any other plaintext source you want to turn into a targeted wordlist or ngram set.

    More info:
    forum.hashpwn.net/post/52

    #spider #webcrawler #wordlist #generator #sort #ngram #cyclone #hashpwn #hashcracking

  4. Spider v1.0.0 released.

    Spider is not just another web crawler -- it is a purpose-built wordlist and ngram processor for hash cracking workflows.

    URL Mode:
    Point it at a URL and Spider crawls the target, extracts words, and generates frequency-sorted wordlists and/or ngrams.

    But, Spider does not stop at web crawling...

    File Mode:
    Feed it local files and it brings the same word-processing engine to your own datasets, scraped content, notes, dumps, configs, or any other plaintext source you want to turn into a targeted wordlist or ngram set.

    More info:
    forum.hashpwn.net/post/52

    #spider #webcrawler #wordlist #generator #sort #ngram #cyclone #hashpwn #hashcracking

  5. Spider v1.0.0 released.

    Spider is not just another web crawler -- it is a purpose-built wordlist and ngram processor for hash cracking workflows.

    URL Mode:
    Point it at a URL and Spider crawls the target, extracts words, and generates frequency-sorted wordlists and/or ngrams.

    But, Spider does not stop at web crawling...

    File Mode:
    Feed it local files and it brings the same word-processing engine to your own datasets, scraped content, notes, dumps, configs, or any other plaintext source you want to turn into a targeted wordlist or ngram set.

    More info:
    forum.hashpwn.net/post/52

    #spider #webcrawler #wordlist #generator #sort #ngram #cyclone #hashpwn #hashcracking

  6. MD6 - The Failed SHA-3 Hash You Likely Never Heard Of

    While MD6 never made it into NIST as SHA-3, it has recently made its way into a few hash cracking contests.

    After a suggestion from Vavaldi from HashMob to add MD6 support to hashgen, I began working on a Pure Go MD6 port. Once that was complete, I added support for 5x common MD6 digest sizes to hashgen.

    MD6 - Pure Go port
    github.com/cyclone-github/md6

    hashgen v1.3.1 - MD6 support
    github.com/cyclone-github/hash

    #md6 #nist #sha3 #hashcracking #hashgen #cmiyc #ctc #golang #port

  7. MD6 - The Failed SHA-3 Hash You Likely Never Heard Of

    While MD6 never made it into NIST as SHA-3, it has recently made its way into a few hash cracking contests.

    After a suggestion from Vavaldi from HashMob to add MD6 support to hashgen, I began working on a Pure Go MD6 port. Once that was complete, I added support for 5x common MD6 digest sizes to hashgen.

    MD6 - Pure Go port
    github.com/cyclone-github/md6

    hashgen v1.3.1 - MD6 support
    github.com/cyclone-github/hash

    #md6 #nist #sha3 #hashcracking #hashgen #cmiyc #ctc #golang #port

  8. MD6 - The Failed SHA-3 Hash You Likely Never Heard Of

    While MD6 never made it into NIST as SHA-3, it has recently made its way into a few hash cracking contests.

    After a suggestion from Vavaldi from HashMob to add MD6 support to hashgen, I began working on a Pure Go MD6 port. Once that was complete, I added support for 5x common MD6 digest sizes to hashgen.

    MD6 - Pure Go port
    github.com/cyclone-github/md6

    hashgen v1.3.1 - MD6 support
    github.com/cyclone-github/hash

    #md6 #nist #sha3 #hashcracking #hashgen #cmiyc #ctc #golang #port

  9. MD6 - The Failed SHA-3 Hash You Likely Never Heard Of

    While MD6 never made it into NIST as SHA-3, it has recently made its way into a few hash cracking contests.

    After a suggestion from Vavaldi from HashMob to add MD6 support to hashgen, I began working on a Pure Go MD6 port. Once that was complete, I added support for 5x common MD6 digest sizes to hashgen.

    MD6 - Pure Go port
    github.com/cyclone-github/md6

    hashgen v1.3.1 - MD6 support
    github.com/cyclone-github/hash

    #md6 #nist #sha3 #hashcracking #hashgen #cmiyc #ctc #golang #port

  10. Released pcfg-go — a full Go rewrite of pcfg_cracker with ~3× faster training, ~40× faster guessing, $HEX[] and multi-byte support, improved trainer parsing...

    Full Details: forum.hashpwn.net/post/11277

    #pcfg #hashcracking #trainer #guesser #wordlist #generator #hashcat #hashpwn

  11. CsP’s @Waffle_Real just released a new tool called hashpipe, and it solves a problem many of us run into with large potfiles: messy, misidentified hash:password entries.

    hashpipe automatically validates founds by recomputing them, identifying the correct algorithm, and outputting verified results in an mdxfind format.

    If you maintain large cracking datasets or potfiles, this is a great way to verify and clean them up.

    Details:
    forum.hashpwn.net/post/11119

    GitHub repo:
    github.com/Cynosureprime/hashp

    #hashcracking #hashcat #jtr #hashpipe #CsP #cynosureprime #potfile #hashpwn

  12. Crackmon, a crack rate monitor for hashcat, now supports mdxfind in PR11.

    Example: stop current attack if <100 cracks / 5 minutes.

    crackmon -t 5 -c 100 hashcat {hashcat args}
    or
    crackmon -t 5 -c 100 mdxfind {mdxfind args}

    forum.hashpwn.net/post/6138

    #hashcat #mdxfind #hashcracking #hashpwn

  13. 🚀 New Release: hashgen v1.2.0

    Big update packed with new features:

    • Added 22 new modes: MySQL5, phpass, md5crypt, sha256crypt, sha512crypt, WordPress bcrypt-HMAC-SHA384 (wpbcrypt), base32 encode/decode, plus multiple hashcat modes including salted algos
    • Updated yescrypt defaults to match Debian 12
    • Read full changelog:
    forum.hashpwn.net/post/5810

    #hashgen #hashcat #infosec #golang #hashcracking #hashpwn #yescrypt #wordpressbcrypt

  14. Since Wordpress v6.8, the default hash func produces a custom bcrypt hash: $wp$2y$10$...

    More info on this custom algo, how it uses hmac-sha384, and how to crack them with hashcat.

    forum.hashpwn.net/post/4205

    #wordpress #bcrypt #wpbcrypt #hashcracking #hashpwn #hashgen #hashcat

  15. Did you know, John the Ripper can use hashcat rules?

    Unlike hashcat’s simple -r flag, JtR requires some manual setup in a conf file. @freeroute posted a step-by-step guide explaining how to do this.

    forum.hashpwn.net/post/2718

    #jtr #john #JohnTheRipper #hashcat #rules #hashcracking #infosec #howto #hashpwn

  16. So atom, main developer of @hashcat, used the "rapid prototyping in Python" plugin of the new "assimilation bridge" in the new hashcat 7¹, with some success in our DEF CON password CTF win this past weekend (hosted by @jabbercracky).

    Afterwards, atom realized it would make a good case study for how to use the new feature, so he wrote it up:

    hashcat.net/forum/thread-13346

    If you do exploration of mystery hash types (either for CTFs, or in the real world) ... this approach should absolutely be in your toolbox.

    ¹Note that some work was done during the contest to make the Python bridge plugin better for these use cases; next minor release of 7 will have it, or grab hashcat.net/beta/ or the latest GitHub main branch.

    #PasswordCracking #HashCracking
    #hashcat #hashcat7

  17. Great game to all who played on both Competitive and Casual in this year's first DEF CON Jabbercracky, and congrats to team hashcat for 1st place, team hashmob for a close 2nd in the Competitive class.

    forum.hashpwn.net/post/1974
    defcon.jabbercracky.com/

    #jabbercracky #defcon #hashcracking #contest #hashcat #hashmob #hashpwn

  18. Released: hashgen v1.3.0

    New in this version:

    * HMAC modes
    * PBKDF2 modes
    * scrypt support
    * additional BLAKE2 modes
    * hashcat UTF-16LE modes
    * optimized salt RNG on salted hashes
    * 95+ supported hash modes

    forum.hashpwn.net/post/89

    #hashgen #hashgenerator #hashcracking #hashpwn #golang

  19. Happy New Year!

    Hashpwn wrapped up our first full year in 2025 and had a lot of fun along the way.

    A big thank you to everyone who has been part of the community, and to our staff who helped turn an idea into a reality.

    Here's to 2026!

    forum.hashpwn.net/post/8234

    #hashpwn #hashcracking #forum

  20. hashpwn-2025 wordlist is available for download and now includes all founds submitted to forum.hashpwn.net from Oct 2024 - Dec 2025.

    forum.hashpwn.net/post/237

    #hashpwn #wordlist #dictionary #hashcracking

  21. A special thanks to our sponsors this year which made the prizes possible. Participates won over $700 worth of prizes in 13 different puzzles!

    • Hashpwn.net
    Hashpwn is an ethical hash cracking forum that offers moderated discussion, shared research, custom tools, all in a friendly and professional community.
    Sponsored: Daily Prizes, Grand Prize

    • Lethologica.nl
    Lethologica specializes in ethical crypto wallet recovery using advanced password research, digital forensics, and high-performance compute.
    Sponsored: Daily Prizes, Grand Prize

    • Hashes.com
    Hashes.com is a site dedicated to hash recovery with hash lookups, an escrow service, and an API to tie it all together.
    Sponsored: Grand Prize

    • Hashmob.net
    HashMob is a collaborative password research platform focused on hash recovery, analysis, and statistics. It provides shared hashlists, wordlists, tools, optimized rules, and APIs that help researchers and penetration testers improve real-world password security.
    Sponsored: 3-month Diamond Patreon Vouchers to hashmob.net, Daily Prizes, Grand Prize

    • Hashcracky.com
    Hashcracky hosts gamified hash cracking events where participants crack hashes, earn loot, and compete on live leaderboards. It blends competitive fun with real cracking skills through themed, time-limited challenges.
    Sponsored: Vouchers for 35k Gold and loot at hashcracky.com

    #hashpwn #lethologica #hashescom #hashmob #hashcracky #hashcracking #challenge #puzzle #christmas

  22. New Release: Hashes.com Escrow API Tool

    v1.1.2; 2025-11-21
    fixed redundant new line logic
    added http timeouts

    forum.hashpwn.net/post/6317

    #hashescom #escrow #hashcracking #api #tool #hashpwn

  23. 🎉 Happy 1st Birthday, hashpwn! 🎉

    Officially launched on October 12, 2024, what started as an idea between a few friends has grown into a thriving global community. Over the past year, forum activity has surged over 250%, with users represented from all around the world...

    forum.hashpwn.net/post/4686

    #hashpwn #forum #hashcracking #cybersecurity

  24. @tychotithonus has uploaded new mdxfind binaries:
    mdxfind 1.135 (2025-09-12)
    - Fixed segfault in SNE128 and SNE256
    - Force checks added for rhash variants
    - Better flushing of stdout
    - New hash type: MD5DECBASE64MD5BASE64MD5

    Download:
    techsolvency.com/pub/bin/mdxfi

    Mirror:
    forum.hashpwn.net/post/10

    #mdxfind #mdxsplit #techsolvency #hashcracking #hashpwn #md5

  25. As a fun experiment, I rewrote hashgen v1.2.0-dev in everyone's favorite memory safe, systems programming language, Rust.

    Was it easy? No. Was it worth it? Yes.

    Benchmarks show Rust is fast, but so is optimized Go.

    forum.hashpwn.net/post/4020

    #hashgen #golang #rust #benchmark #hashpwn #hashcracking

  26. hashgen v1.2.0-dev update:

    -added 20 new hash modes including Wordpress v6.8 Bcrypt, Linux shadow hashes, MySQL5, and multiple salted algos

    forum.hashpwn.net/post/89

    #hashgen #hashcracking #wordpressbcrypt #hmac_sha384 #linux #shadowfile #mysql

  27. New Release: hashgen v1.1.4

    This release adds multiple keccak and blake2 modes, a new benchmark option, and small performance boosts.

    forum.hashpwn.net/post/2596

    #hashgen #hashcracking #hashpwn

  28. "As CMIYC isn't running at DEFCON this year, Password Village has worked with In.security to bring Jabbercracky to DEFCON to fill the void this year!

    This will be a 48-hour event running from 12:00 noon on Friday 8th - 12:00 noon on Sunday 10th August."

    forum.hashpwn.net/post/793

    #cmiyc #KoreLogic #defcon #jabbercracky #insecurity #PasswordVillage #hashpwn #hashcat #hashmob #hashcracking #contest

  29. For those familiar with hashes.com and its escrow system, hashpwn is excited to announce the launch of our Hashes.com Escrow Feed which provides a historical archive of all escrow jobs and their full hash lists.

    forum.hashpwn.net/post/739

    #hashescom #escrow #hashcracking #hashpwn

  30. hashgen v1.1.3 published to github:

    Changelog:
    - added mode "hex" for $HEX[] formatted output
    - improved "plaintext/dehex" logic to decode both $HEX[] and raw base-16 input

    forum.hashpwn.net/post/679

    #hashgen #hashcracking #wordlist #hex #base64 #base58 #hashpwn

  31. Need to convert a #wordlist to #hash? Meet #hashgen, the blazingly fast hash generator. Currently supports 18+ modes such as #md5, #sha, #ntlm, #crc, #base64 encode/decode, and converting $HEX[] to #plaintext.
    Cross-compilable for Linux, Windows and Mac.
    forum.hashpwn.net/post/89
    #hashpwn #hashcracking #hashcat #hex

  32. After seeing yescrypt hashes appear in CMIYC a while back, I started developing a yescrypt cracker in pure Go. Since then, yescrypt has become the default /etc/shadow hash for many popular linux distros such as Debian, Ubuntu, RHEL, Fedora, and Arch (to name a few), but hash cracking support for this algo has been limited to JtR -- until now.

    Here's a sneak peek of the yescrypt_cracker POC:

    forum.hashpwn.net/post/446

    #yescrypt #hashcracking #cyclone #hashpwn #hashcat #cmiyc #jtr #johntheripper #golang

  33. Watch out complex passwords, there's a new combinator tool in town.

    Vavaldi just released Targinator, a feature-rich wordlist combinator that combines a wordlist with target hints in all possible positions, plus supports applying hashcat-style rules to either or both wordlists being combined.

    forum.hashpwn.net/post/652

    #hashcracking #combinator #hashcat #infosec #vavaldi #flagg #cyclone #hashpwn

  34. New to using Targinator? Here's a quick getting started guide for generating advanced wordlist combinations.

    Example command:
    ./targinator target_wordlist.txt ignis-10M.txt -x 1 -t cyclone_250.rule

    Full post: forum.hashpwn.net/post/674

    #targinator #hashcat #hashcracking #combo #combinator #hashpwn