Hash

Introduction Password cracking is an offline process where you attempt to recover plaintext from captured hashes or protected files. In penetration tests, weak or reused passwords are common, so success usually comes from smart wordlists and realistic mutations rather than raw brute force. Hashcat is the main tool for this workflow because it supports many algorithms and scales well on GPUs. Hashing, Salting, and Encryption Hashing turns input into a fixed-length digest and is designed to be one-way, so cracking depends on guessing candidates and comparing their hashes. Slow password hashes like PBKDF2 or bcrypt increase cost, while fast hashes like MD5 or SHA1 remain common in legacy systems and breach dumps, and salting reduces rainbow table value without preventing offline attacks. Encryption is reversible with a key and appears in data-at-rest or transport use cases, so it is a different problem from password hashing. The list below summarizes common encryption families, and the commands that follow show how salting changes a digest. ...