B60-0/hashcat-studio

GitHub: B60-0/hashcat-studio

Stars: 2 | Forks: 0

Hashcat Studio logo

Hashcat Studio

A desktop GUI for hashcat. Build attacks in a form, see the exact command before it runs, and watch the output live — no shell required.

Latest release Build status MIT license

Download · Docs · Contribute · Security


Hashcat Studio app preview

## Why Hashcat is great, but the flag surface is huge. If you don't run it every day, you spend half your time digging through `--help` to remember whether it was `-a 3`, what `--increment-min` does, or where you put `-r`. Hashcat Studio puts the common stuff in a form and shows you the command it's about to run, so you can see what's actually being executed and tweak it if you need to. It's a thin wrapper, not a replacement. Your local `hashcat` binary does all the real work; the app just builds the arguments, runs it, and streams the output back. ## What it does - **Guided task builder.** Pick a hash file, algorithm, attack mode, dictionaries, rules, masks, and a few common flags. A live preview shows the exact `hashcat ...` command as you type. - **Raw mode** if you'd rather just paste a command. It parses the args (handles quoting and `hashcat` prefix), then runs them — no shell in between. - **Live output and controls.** Streams stdout/stderr and the JSON status line. Pause, resume, checkpoint, skip, and quit without alt-tabbing to a terminal. - **Devices and benchmarks.** Reads `hashcat -I`, lets you pick CPU/GPU and specific device IDs, and runs targeted benchmarks per-device. - **File browser.** Scans your configured hashes / wordlists / rules / masks folders so you don't have to remember paths. - **Hashes.com escrow.** Optional. Lists public jobs (or your account's jobs if you add an API key) and one-clicks the unfound list into your hashes folder so you can start cracking. - **First-run setup.** One click to download the latest official Hashcat release, or point at an existing install. After setup, the binary path is editable in Settings if you want to swap it later. ## Install Grab the latest build from [GitHub Releases](https://github.com/B60-0/hashcat-studio/releases/latest). | Platform | File | | --- | --- | | Windows | `Hashcat-Studio-Windows-*.zip` | | macOS | `Hashcat-Studio-macOS-*.dmg` | | Linux | `Hashcat-Studio-Linux-*.tar.gz` | On first launch you get a setup screen with two choices: - **Download Hashcat** — pulls the latest official release for your OS (Homebrew on macOS, the official `.7z` everywhere else) and wires it up. - **Point to an existing folder** — for when you already have hashcat installed somewhere. The binary path is editable in Settings afterwards, so you can swap to a specific binary or to `hashcat` on your PATH without going back through setup. ## First task 1. Open the app and finish setup. 2. Set your asset folders in **Settings** (or accept the defaults under your user config dir). 3. Drop a hash file into your hashes folder. 4. Go to **New Task**, pick the algorithm and a dictionary, eyeball the command preview, hit **Create & Start**. 5. Watch it run in the **Tasks** page. If you'd rather skip the form, switch the New Task screen to **Raw Arguments** and paste a full `hashcat ...` line. ## Build from source You'll need: - Go 1.22+ - Node.js 20+ - [Wails](https://wails.io) v2.12.0 — `go install github.com/wailsapp/wails/v2/cmd/wails@v2.12.0` - Hashcat (any recent version) on the machine you'll run it on npm --prefix frontend install npm --prefix frontend run build go test ./internal/... wails build Output lands in `build/bin/`. For a hot-reload dev loop, `wails dev` after `npm --prefix frontend install`. ## Project layout app.go / setup.go Wails-exposed methods (Go ↔ JS) internal/hashcat Argument building, raw-arg parser, binary helpers internal/tasks Subprocess manager and event streaming internal/assets Folder scanner internal/settings Settings file (~/.config/HashcatStudio) internal/hashescom Hashes.com escrow client frontend/src React UI (pages, components, theme) docs/wiki Markdown docs that mirror the GitHub wiki ## macOS signing & notarization Unsigned macOS builds force users through a Gatekeeper override. If you want the DMG to open normally, enroll in the Apple Developer Program and set these secrets on the GitHub Actions release workflow before tagging `v*`: | Secret | Value | | --- | --- | | `MACOS_CERTIFICATE_P12` | Base64 of your Developer ID Application `.p12` | | `MACOS_CERTIFICATE_PASSWORD` | Password for that `.p12` | | `MACOS_CODESIGN_IDENTITY` | e.g. `Developer ID Application: Name (TEAMID)` | | `APPLE_ID` | Apple ID used for notarization | | `APPLE_TEAM_ID` | Apple Developer Team ID | | `APPLE_APP_SPECIFIC_PASSWORD` | App-specific password for that Apple ID | ## Docs Wiki pages live in `docs/wiki/` so they're versioned with the source: - [Installation](docs/wiki/Installation.md) - [First Run](docs/wiki/First-Run.md) - [Creating Tasks](docs/wiki/Creating-Tasks.md) - [Files And Folders](docs/wiki/Files-And-Folders.md) - [Troubleshooting](docs/wiki/Troubleshooting.md) - [Responsible Use](docs/wiki/Responsible-Use.md) ## Responsible use Hashcat Studio is a UI on top of hashcat. Only point it at hashes, systems, and audits you're authorized to test — CTFs you're playing, your own accounts, engagements you have written permission for. Cracking hashes from systems you don't own or aren't authorized to test is illegal in most places. ## License MIT — see [LICENSE](LICENSE). Not affiliated with the Hashcat project.
标签:自动化攻击