Hashing

1. #individual ntlm hash with rules
2. hashcat -m 1000 -a 0 DAE57D78FEC919471799CE0FAE8236B9 rockyou.txt -r leetspeak.rule
3.  
4. #ntlm hashlist  with rules
5. hashcat -m 1000 -a 0 hashlist2.txt rockyou.txt -r rules.txt
6.  
7. #sha1 hashlist  with multiple rule sets
8. hashcat -m 100 -a 0 hashlist2.txt rockyou.txt -r rules.txt -r best64.rule -r leetspeak.rule
9.  
10. #hash generator
11. https://codebeautify.org/ntlm-hash-generator
12. https://www.browserling.com/tools/all-hashes
13.  
14. #hashcat cheat sheet
15. https://cheatsheet.haax.fr/passcracking-hashfiles/hashcat_cheatsheet/
16.  
17. #hash dumps
18. http://www.adeptus-mechanicus.com/codex/hashpass/hashpass.php
19.  
20. #lsa dump from ram
21. taskmanager (admin) - details - r/c lsass.exe - create dump file
22. mimi sekurlsa::minidump lsass.dmp
23. log lsass.txt
24. sekurlsa::logonpasswords
25.  
26. #dump secrets
27. token::elevate
28. lsadump::secrets
29.  
30. #continue from the last checkpoint
31. hashcat --restore
32.  
33. #hashcat speed explanations
34. H/s == Hashes per second
35. KH/s == Kilohashes per second (Thousands of hashes per second)
36. MH/s == Megahashes per second (Millions of hashes per second)
37. GH/s == Gigahashes per second (Billions of hashes per second)
38. TH/s == Terahashes per second (Trillions of hashes per second)
39. PH/s == Petahashes per second (Quadrillions of hashes per second)
40.  
41. #brute force options
42. #password of 7 chars (1x uppercase x5 lowercase x1 special character) in NTLM format
43. hashcat -a 3 -m 1000 hashes.txt ?u?l?l?l?l?l?s
44.  
45. #brute force character sets
46. ?l # Lowercase a-z
47. ?u # Uppercase A-Z
48. ?d # Decimals
49. ?h # Hex using lowercase chars
50. ?H # Hex using uppercase chars
51. ?s # Special chars
52. ?a # All (l,u,d,s)
53. ?b # Binary
54.