10-28-2017, 01:03 PM
According to this github issue: https://github.com/hashcat/hashcat/issues/1411
The plan is to split the benchmark into a shorter one, with selected modes and a complete one.
The question is, which mode is worth to be added to the selected one?
Let me do a start what I think people use most often:
Please add the modes you think should be added, but more important, add a reason as I did so we can discuss it.
The plan is to split the benchmark into a shorter one, with selected modes and a complete one.
The question is, which mode is worth to be added to the selected one?
Let me do a start what I think people use most often:
- MD5 (a nice way to show hashcats optimized kernels on a algorithm level due to partial reversal)
- SHA1 (the home of many famous leaks: linkedin etc)
- NTLM (what pentesters live on)
- WPA2 (good for comparison with aircrack-ng, pyrit, ... users)
- phpass (GPU friendly KDF used by largest web software like wordpress, joomla, phpbb)
- NetNTLM (good for comparison with cain users)
- vBulletin (good for comparison with hash manager users)
- Kerberos (becomes a more important role in modern pentest scene)
- DPAPI (becomes a more important role in forensics scene)
- DEScrypt (still imporant in .htaccess)
- md5crypt (still used in many embedded devices)
- bcrypt (most used kdf using blowfish)
- sha512crypt (today standart for linux auth)
- OSX v10.8+ (today standart for OSX auth)
- 7-Zip (important for forensics)
- RAR3 (good for comparison with crark)
- RAR5 (important for forensics)
- TrueCrypt (good for comparison with truecrack)
- KeePass (most requested free and open-source password manager)
- LastPass (most requested proprietary password manager)
- Bitcoin/Litecoin wallet.dat (most used wallet)
Please add the modes you think should be added, but more important, add a reason as I did so we can discuss it.