҉₮ꗞ❌ꕯて ᨐ

Feb 9, 2021, 26 tweets

Password Cracking with a twist and a cat. ᨐ

"Lockdown edition"

Tips, tricks & hacks thread, a.k.a. "braindump". #hashcat, #passwords, #PasswordsCon, @PasswordVillage, @CrackMeIfYouCan, @SAINTCONPCrack, @hashcat, @CynoPrime, #JohntheRipper, #teamHashcat

(*) Always run with --debug-mode and --debug-file.
--debug-mode (1 = matched rule, 2 = original word, 3 = word and rule, 4 = word, rule and cracked password) writes every successful crack together with the mutation (rule) that produced it to --debug-file. New rulesets and wordlists can be derived from the overall stats: sort the debug file by occurrence and the most productive rules/words float to the top.

(*) Use --session=sessionName so that long-running attacks can be resumed with --session=sessionName --restore.

(*) Be artistic and exotic with fast hashes. Be specific and precise with slow hashes. Use a TOP-x wordlist or TOP-x ruleset. If necessary, correlate usernames/passwords from hashes already cracked in the fast-hash lists and test them one by one against the slow-hash lists. Or ask @Chick3nman512

(*) When in doubt about the format of a hash, use ./hashcat --example-hashes (add -m <mode> to print only one mode) and compare against your hash.

(*) When you generate a new wordlist, always sort it by occurrence!
sort dump_wordlist.txt | uniq -c | sort -rn | sed 's/^ *[0-9]* //' > sorted_wordlist.txt
(uniq -ic only folds case between adjacent lines, so without sort -f it is unreliable; keep -c only, since "Password" and "password" are distinct candidates anyway. Stripping the count with sed instead of cut -b9- does not break when a count exceeds seven digits.)

(*) Extract the "root" words of a wordlist by removing digits and punctuation and converting to lowercase:
tr -d '[:punct:][:digit:]' | tr '[:upper:]' '[:lower:]' | grep -v '^$' | sort | uniq -c | sort -rn
(quote the character classes, otherwise the shell may glob [:punct:] against files in the current directory)

(*) Extract the "mutations" of a wordlist by removing letters! Sort them uniquely and use them with -a 1 wordlist.txt mutations.txt (or mutations.txt wordlist.txt, i.e. appended on the right or prepended on the left):
tr -d '[:alpha:]' | grep -v '^$' | sort | uniq -c | sort -rn

(*) Use the root words to generate insert rules with Tmesis!

(*) When life gives you data, use it to make wordlists! lynx -dump website[dot]com | tr -s '[:space:]' '\n' | sort | uniq -c | sort -rn | sed 's/^ *[0-9]* //' > wordlist_website.txt ; try this on the target's website during red-teaming, or scrape forums of the relevant sector...
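The three pipelines above (sort by occurrence, root words, mutations) plus the "text to wordlist" step, as shell functions. This is an added example and not the thread author's own script; the function names, the LC_ALL=C byte-wise sorting and the tiny HTML-entity table are my choices. Ties in frequency are broken alphabetically so the output is deterministic.

```shell
#!/bin/sh
# Added example: wordlist post-processing helpers. Every function reads
# candidates on stdin, one per line, and writes the result to stdout.

# count_sort: unique candidates, most frequent first; ties sorted alphabetically.
# The count is stripped with sed rather than cut -b9- so it still works when
# uniq -c emits counts wider than seven digits. Case is preserved on purpose:
# "Password" and "password" are different candidates. LC_ALL=C makes sort
# compare bytes, which is what you want for password data.
count_sort() {
    LC_ALL=C sort | uniq -c | LC_ALL=C sort -k1,1nr -k2 | sed 's/^ *[0-9]* //'
}

# decode_entities: undo the HTML entities that survive scraping with lynx/curl
# (an assumed minimal table; extend it for your target).
decode_entities() {
    sed -e 's/&amp;/\&/g' -e 's/&lt;/</g' -e 's/&gt;/>/g' \
        -e 's/&quot;/"/g' -e "s/&#39;/'/g" -e "s/&apos;/'/g" -e 's/&nbsp;/ /g'
}

# text_to_wordlist: free text -> frequency-sorted wordlist, one token per line.
text_to_wordlist() {
    decode_entities | tr -s '[:space:]' '\n' | grep -v '^$' | count_sort
}

# root_words: drop digits and punctuation, lowercase, then count-sort.
# Feed the result to Tmesis / insert rules or to a -a 1 combinator attack.
root_words() {
    tr -d '[:punct:][:digit:]' | tr '[:upper:]' '[:lower:]' | grep -v '^$' | count_sort
}

# mutations: keep only the non-letters (digits, punctuation) so the result can
# be used as the left or right half of a -a 1 combinator attack.
mutations() {
    tr -d '[:alpha:]' | grep -v '^$' | count_sort
}

# Usage on a constructed dump (not real data):
#   printf 'Password1!\npassword\nPassword1!\nsummer2020\nSUMMER!\n' | root_words
#   printf 'Password1!\npassword\nsummer2020\nSUMMER!\n' | mutations
#   printf 'I love my cat &amp; my dog\n' | text_to_wordlist
```

Pipe the output of `root_words` and `mutations` into two files and run `hashcat -a 1 roots.txt mutations.txt` for the "word followed by its common suffix" pattern; swap the two arguments for prefixes.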

(*) Discover new rules with --generate-rules. Always combine it with --debug-mode, --debug-file. If still in doubt ask @Evil_Mog
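What a Tmesis-style generator actually emits, as an added example (my code, not Tmesis itself and not from the thread): hashcat's insert function is iNX (insert character X at position N, with positions 0-9 then A-Z for 10-35), so inserting a whole root word at position p means chaining one iNX per character with increasing positions. The function below reads root words on stdin and prints one rule per word and position; the MAXPOS argument and the skipping of words that contain whitespace are my assumptions.

```shell
#!/bin/sh
# Added example: generate hashcat insert rules from root words (Tmesis-style).
# insert_rules MAXPOS  reads one root word per line on stdin and emits, for
# each word and each position 0..MAXPOS, a rule that inserts the word there.
# Rules are space-separated functions, so words containing whitespace are
# skipped, and a word that would run past position Z (35) is skipped for
# that position.
insert_rules() {
    awk -v maxpos="$1" '
    BEGIN { pos = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ" }
    /[ \t]/ { next }                       # whitespace would split the rule
    NF == 0 { next }
    {
        for (p = 0; p <= maxpos; p++) {
            rule = ""; skip = 0
            for (i = 1; i <= length($0); i++) {
                n = p + i - 1               # position of this character
                if (n >= length(pos)) { skip = 1; break }
                rule = rule (i > 1 ? " " : "") "i" substr(pos, n + 1, 1) substr($0, i, 1)
            }
            if (!skip) print rule
        }
    }'
}

# Usage: root words from a cracked list, inserted at positions 0..4, then
#   hashcat -a 0 -m <mode> hashes.txt base_wordlist.txt -r insert.rules
#   printf 'cat\n' | insert_rules 4 > insert.rules
```

Combine the generated file with --debug-mode 1 --debug-file hits.txt, then count-sort hits.txt to keep only the insert rules that actually cracked something.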

(*) Use emoji wordlists! Everyone else does! Emojis usually appear on the right (or left) of the password, so use a combinator attack: hashcat -a 1 wordlist.txt emoji.txt (or emoji.txt wordlist.txt).

(*) Hashcat-utils is a very powerful collection of wordlist processing tools.

(*) Hashcat works nicely with stdin (omit the wordlist argument in -a 0 and pipe candidates in). Hashcat-utils are a good source of stdin candidates.

(*) Try combinator with rules! ./combinator wordlist1.txt wordlist2.txt | hashcat -a 0 -m <mode> hashes.txt -r rules/specialcombinator.rules

(*) Try princeprocessor with rules! ./pp64 --pw-min=4 --pw-max=8 wordlist.txt | hashcat -a 0 -m <mode> hashes.txt -r rules/specialprince.rules

(*) Build your own Markov-chain stats (hcstat2gen from hashcat-utils, loaded with --markov-hcstat2) to run efficient per-position brute-force attacks, trained on single-source themed wordlists or on already-cracked password lists rather than on the generic default stats.

(*) Quick way to make a wordlist: replace "space" with "newline", then sort by occurrence: tr ' ' '\n' | sort | uniq -c | sort -rn | sed 's/^ *[0-9]* //' > wordlist.txt

(*) Users like to use phrases as passwords. Build phrases_wordlist.txt with the phraser[.]pl script (then add rules: remove the spaces, replace spaces with underscores, etc.).

(*) The --brain-* options (--brain-server / --brain-client) are a very powerful feature for password-cracking collaboration: the brain server remembers which candidates have already been tried, so several crackers do not repeat each other's work. "--brain-* knows everything, including Victoria's Secret!®"

(*) pdftotext file.pdf file.txt for PDFs; for docx there is no single tool needed, the document body is XML inside a zip: unzip -p document.docx word/document.xml | sed -e 's/<[^>]\{1,\}>//g; s/[^[:print:]]\{1,\}//g' ; then make wordlists from the text.

(*) Metadata are a good source for targeted wordlists! exiftool -csv to the rescue: extract Author, Creator, Last Modified By, Company, etc. from every document the red-teamed website makes available; these give you usernames, naming conventions and sometimes the internal tooling.

(*) People still use IRC! IRC logs can build amazing wordlists: nickname.wordlist, phrases.wordlist, channel.wordlist. Use natural language processing (n-gram extraction) for better results :) sumgram FTW

(*) Use the 8 parts of speech in wordlist combinations: nouns.txt, pronouns.txt, verbs.txt, adjectives.txt, adverbs.txt, prepositions.txt, conjunctions.txt, interjections.txt, e.g. hashcat -a 1 adjectives.txt nouns.txt

Don't forget the HTML entities! Scraped data keeps "&amp;", "&#39;", "&quot;" in place of the real characters, which silently makes cracking harder (until you figure it out and decode them before building the wordlist).

Check out the new @hashcat rule function "3"!
3NX toggles the case of the first letter after the Nth occurrence of character X, which turns a lowercase phrase into "ThePassphraseKiller" when used in conjunction with other rules.
