When reading from stdin, Hashcat cannot calculate the total number of words beforehand. This disables specific status features, such as accurate ETA timers and certain internal dictionary optimization routines.
This paper examines using compressed wordlists with Hashcat to reduce storage and I/O overhead while maintaining effective password-cracking throughput. It covers compression formats, on-the-fly decompression strategies, integration methods with Hashcat, performance trade-offs, experimental benchmarks, and recommended practices for practitioners. hashcat compressed wordlist
Beyond traditional compression, Hashcat supports Markov chain attacks that generate candidates statistically rather than reading from a wordlist. While not compression per se, this technique dramatically reduces storage needs because the candidate generation logic replaces the wordlist entirely. For password recovery scenarios where coverage matters more than precision, Markov attacks offer an interesting alternative to compressed wordlists. When reading from stdin, Hashcat cannot calculate the
# Crack MD5 hashes using a gzipped wordlist (Hashcat 6.0+) hashcat -m 0 hashes.txt /path/to/rockyou.txt.gz For password recovery scenarios where coverage matters more
