7 Steps To Install Hashcat on Kali Linux. Hashcat is actually the fastest password cracking and recovery tool. In this tutorial we will introduce you this popular cracking tool and show the way to install and use it on Kali Linux. If you are interested in penetration testings, so this is a good opportunity for you to learn something useful. Also you should know that it is rarely simple. So let’s start.

What is Hashcat?

As we mentioned, Hashcat is a cracking tool which is desighed to crack even the most complex passwords in much less time. Have the ability to do this task is an important skill to learn. Hashcat is multi-threated and allows you to configure the number of threads and do the execution based on priority. This tool is released and available for operating systems like Linux, Unix, Windows and BSD. It offers a variety of attack modes like: Dictionary attack, Brute-force attack, Hybrid attack and etc.

Different Features of Hashcat

Hashcat is a really useful utility and here we will explain some prominent features of that for you:

– You can configure the number of threads.

– It is multi-algorithm based (MySQL, MD4, MD5, SHA1, NTLM, DCC and so on)

– Hashcat supports both hex-charset and hex-salt files.

– This tool’s attacks can be extended by specialized tools.

– Hashcat is multi-hash and multi-OS based.

Installing Hashcat on Kali Linux

Now that you have a vision of Hashcat and it’s benefits, it’s time to learn the way to install and use it on your system. We are going to show you the way to install this tool in 7 steps:

1. Downloading Hashcat

The first step to have Hashcat tool is to make sure that you have the correct version of Kali Linux, because this tool is not compatible with all versions of Kali. Then you should download it from the internet and unzip the file to move to the correct location on your Kali system.

2. Prerequisites to Install Hashcat

The second step is to insure that the proper dependencies are installed. These dependencies are: OpenCL, CUDA libraries, as well as the Hashcat binaries. When you installed the dependencies, user can clone Hashcat repositories from GitHub and also compile the source code and at last install and run Hashcat to begin password chracking and recovery.

3. Start Installing Hashcat

We have to mention that, generally Hashcat tool comes pre-installed with Kali Linux, but if you prefer to inastall it yourself, please follow the command below:

sudo apt-get install hashcat

You can use the help command to list all available options:

hashcat --help

We listed some of these options here:

-a: it is a type of hash, 0 for straight attack, 2 for combination and 3 for brute-force attack

-m: a kind of hash with the default number 0 means => MD5 hash

-o: this option will store cracked password in an output file

wordlist: there is a requirement of a path to the wordlist of password to match and crack the hashs

4. Starting Hashcat in Kali Linux

Now you can start Hashcat on Kali console with the following command line:

hashcat -h

5. Choosing The Wordlist

As we explained in previous section, Kali Linux has numerous wordlists which is built into it. Use the command line below as it is shown on screenshot and locate wordlists:

Choosing The Wordlist in hashcat

6. Crack the Hashes

Now that you have Hashcat tool, as the final step you can start cracking the hashes contained in the target_hashes.txt file. Here we used the following command line as it is shown below:

[email protected]:~/Desktop# hashcat -m 0 -a 0 -o cracked.txt target_hashes.txt /usr/share/wordlists/rockyou.txt

We explained -m, -a and -o before. target_hashes.txt is our input file and /usr/share/wordlists/rockyou.txt is our path to the wordlist file for this Dictionary attack.

7. The last part

At last, we were able to crack 5 of the 7 target hashes that were proposed. you can see it below:

  • [email protected]:~/Desktop# cat cracked.txt
  • dc647eb65e6711e155375218212b3964:Password
  • eb61eead90e3b899c6bcbe27ac581660:HELLO
  • 75b71aa6842e450f12aca00fdf54c51d:P455w0rd
  • 2c9341ca4cf3d87b9e4eb905d6a3ec45:Test1234
  • 958152288f2d2303ae045cffc43a02cd:MYSECRET

Note: As you see these passwords are weak and you don’t need much effort or time to crack them. So, the simpler the password is, the easier is to detect.

Be careful, make a strong and long password. Also, avoid using personal information and try to change them regularly.


In this tutorial we tried to teach you 7 Steps To Install Hashcat on Kali Linux which is the most popular password cracking and recovery tool. If you are into penetration testing this tool will be very useful for you so install it and enjoy your task. Also if you have any idea or comment let me know. Good Luck!

Rate this post