🔧 Malcolm Integration
bash

# Malcolm's zeekctl.cfg or local.zeek
redef SSL::root_certs += {
["PolarProxy Root CA"] = "/opt/polarproxy/certs/rootCA.pem"
};

# In Malcolm's docker-compose.yml, ensure port mapping:
# zeek:
# ports:
# - "57012:57012/tcp" # For PolarProxy PCAP feed

30 protocols but what about hashcat - how many protocols now?

Hashcat Protocol Support Count - As of hashcat v6.2.6 (latest stable), here are the current protocol/hash mode counts:
Total Protocols/Hash Modes: 423+

(This number grows with nearly every release) #hashcat,net #zeek

New version of hashgen released.

v1.2.2

- added mode: halfmd5 -m 5100
- added mode: morsedecode

https://forum.hashpwn.net/post/89

#hashgen #md5 #halfmd5 #hashcat #morsecode #morsedecode #hashcracking #hashpwn

Today's favourite crack

b7596968357e41f1598168d7512b4fa91def2b01:Holyshitihatepasswords!

#hashcat #mdxfind

#hashcat

Standalone #password candidate generator using the PRINCE algorithm

https://github.com/hashcat/princeprocessor

#security #hashcat

Comme dans mon bureau il fait 13°C le matin et 16°C l’après midi j’ai relancé un audit des mots de passe sur #hashcat (GPU) et #John (CPU).
Un chouilla bruyant mais la température monte doucement ♨️

Demain ça devrait être à nouveau vivable.

Looking for a language specific wordlist? We are too! Share yours with the hashpwn community.

https://forum.hashpwn.net/post/7639

#hashpwn #wordlist #hashcracking #language #hashcat #jtr #dict #dictionary

Crackmon, a crack rate monitor for hashcat, now supports mdxfind in PR11.

Example: stop current attack if <100 cracks / 5 minutes.

crackmon -t 5 -c 100 hashcat {hashcat args}
or
crackmon -t 5 -c 100 mdxfind {mdxfind args}

https://forum.hashpwn.net/post/6138

#hashcat #mdxfind #hashcracking #hashpwn

A quick run down on some of the attacks and wordlist augmentation options in Hashcatalyst https://in.security/2025/11/11/hashcatalyst-automating-password-cracking

#hashcat

🚀 New Release: hashgen v1.2.0

Big update packed with new features:

• Added 22 new modes: MySQL5, phpass, md5crypt, sha256crypt, sha512crypt, WordPress bcrypt-HMAC-SHA384 (wpbcrypt), base32 encode/decode, plus multiple hashcat modes including salted algos
• Updated yescrypt defaults to match Debian 12
• Read full changelog:
https://forum.hashpwn.net/post/5810

#hashgen #hashcat #infosec #golang #hashcracking #hashpwn #yescrypt #wordpressbcrypt

Just in case anyone out there is interested, the #dgx_spark does about 12min for the top 2bil passwords on an MD5 crypt hash. Sure that's not what it's meant for but come on...
#hashcat
#hashcat7
#dgxspark
#dgxsparkgb10
#dgx

Debian unstable and Devuan unstable now have bumped their hashcat from 6.x to hashcat 7.1.2.

#hashcat

nixpkgs and Slitaz "cooking" now have hashcat 7.1.2.

#hashcat

TUR (the Termux User Repository) now has hashcat 7.1.2!

#hashcat

SlackBuilds and Homebrew now have hashcat 7.1.2!

#hashcat

Since Wordpress v6.8, the default hash func produces a custom bcrypt hash: $wp$2y$10$...

More info on this custom algo, how it uses hmac-sha384, and how to crack them with hashcat.

https://forum.hashpwn.net/post/4205

#wordpress #bcrypt #wpbcrypt #hashcracking #hashpwn #hashgen #hashcat

🐉 Top 10 Kali Linux Tools — Essential Picks

Quick list of 10 widely-used Kali tools for recon, web testing, exploitation, and forensics — use only in labs or with explicit permission. ⚡🛡️

#KaliLinux #PenTesting #InfoSec #EthicalHacking #Nmap #Wireshark #Metasploit #BurpSuite #Hashcat #Forensics

Kali Linux rolling has bumped from hashcat 6.x to 7.1.2!

#hashcat #kali

Every time I reach for #hashcat, which is admittedly rare, I find it very cliquey.

I appreciate it is a broadly capable tool, but the numeric attack mode and algorithm tables to consult, the bespoke mask format, the included rules filenames, and unclear expected format for the hash input file all add up to a daunting re-learning curve.

Maybe, like the notorious args of `tar`, I just need to find opportunities to use it more.

Chocolatey now has hashcat 7.1.2.

#hashcat