├── LICENSE
├── OneRuleToRuleThemAll.rule
└── README.md


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2017 NotSoSecure Global Services Limited
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Edit: This is now sub-optimal and has been improved with [OneRuleToRuleThemStill](https://github.com/stealthsploit/OneRuleToRuleThemStill).
 2 | <br/><br/>
 3 | 
 4 | 
 5 | # OneRuleToRuleThemAll
 6 | 
 7 | This is a custom hashcat rule, the original supporting blog post of which I wrote when I worked at https://www.notsosecure.com 
 8 | 
 9 | Several default and non-default hashcat rules were individually tested over a set of 4.3 million unique MD5 hashes from a data breach.
10 | Hashcat debugging provided statistical analysis of the best performing and most efficient rules in each test.
11 | The best performing 25% of rules from each tested ruleset were extracted and concatenated into a new custom rule.
12 | 
13 | OneRuleToRuleThemAll cracked 68.36% of the 4.3 million hashes; an increase of 2.72% (117,626 hashes) over second place which was the hashcat supplied dive rule.
14 | 
15 | 
16 | # Credit
17 | Aside from hashcat supplied rule sets, shout outs to the following rule sets that were used for testing:
18 | 
19 | 1. https://github.com/praetorian-inc/Hob0Rules (d3adhob0.rule, hob064.rule)
20 | 2. http://contest-2010.korelogic.com/rules-hashcat.html (KoreLogicRulesPrependRockYou50000)
21 | 3. https://github.com/NSAKEY/nsa-rules (_NSAKEY.v2.dive.rule)
22 | 4. https://github.com/hashcat/hashcat/ oclHashcat v1.20 (by https://github.com/evilmog) (generated2.rule)
23 | 
24 | Please get in touch if anyone has been missed.
25 | 
26 | # License
27 | Rules taken from other ruleset will follow respective licenses.
28 | Additional custom rules are added besides those mentioned above, these additional rules are MIT Licensed.
29 | 


--------------------------------------------------------------------------------