A powerful Model Context Protocol (MCP) server that provides intelligent hashcat integration for Claude Desktop. Crack hashes, analyze passwords, and perform security assessments directly from your Claude conversations.
- Smart Hash Identification - Automatically detect hash types with confidence scoring
- Multiple Attack Modes - Dictionary, brute-force, hybrid, and rule-based attacks
- Batch Processing - Crack multiple hashes simultaneously
- Session Management - Track and monitor cracking progress
- GPU Monitoring - Real-time hardware performance metrics
- Password Analysis - Analyze cracked passwords for security insights
- Auto Attack Strategies - Intelligent attack sequence selection
- Security Hardened - Input validation and injection protection
Watch the Hashcat MCP Server in action - from hash identification to successful cracking!
Join our cybersecurity community for the latest in offensive security, AI integration, and advanced penetration testing techniques:
RootSec is a community of security professionals, researchers, and enthusiasts sharing knowledge about:
- Advanced penetration testing techniques
- AI-powered security tools
- Red team methodologies
- Security research and development
- Industry insights and discussions
pip install -r requirements.txtEdit your Claude Desktop config file:
Windows: %APPDATA%\Claude\claude_desktop_config.json
Mac: ~/Library/Application Support/Claude/claude_desktop_config.json
{
"mcpServers": {
"Hashcat-MCP": {
"command": "python",
"args": [
"C:\\path\\to\\your\\hashcat_mcp_server.py"
],
"env": {
"HASHCAT_PATH": "C:\\path\\to\\hashcat\\hashcat.exe",
"HASHCAT_SAFE_DIRS": "C:\\wordlists"
}
}
}
}Important: Update the paths to match your system:
args[0]- Path to yourhashcat_mcp_server.pyfileHASHCAT_PATH- Path to your hashcat executableHASHCAT_SAFE_DIRS- Comma-separated list of safe directories for wordlists
Close and reopen Claude Desktop to load the MCP server.
HASHCAT_PATH- Path to hashcat executable (required)
HASHCAT_SAFE_DIRS- Safe directories for wordlists (recommended)HASHCAT_LOG_LEVEL- Logging level: DEBUG, INFO, WARNING, ERROR (default: DEBUG)
Can you identify this hash: 5d41402abc4b2a76b9719d911017c592
Crack this NTLM hash: 76268997E3979AFB37AC1C653E3ABBDD
Use wordlist: C:\wordlists\rockyou.txt
Run an automatic attack on this hash: 098f6bcd4621d373cade4e832627b4f6
Give it 30 minutes to try different strategies
Crack these hashes:
- 5d41402abc4b2a76b9719d911017c592
- 098f6bcd4621d373cade4e832627b4f6
- 76268997E3979AFB37AC1C653E3ABBDD
The server supports 400+ hash types including:
- Raw Hashes: MD5, SHA1, SHA256, SHA512
- Operating Systems: NTLM, bcrypt, sha512crypt, md5crypt
- Network Protocols: WPA/WPA2, Kerberos
- Applications: MySQL, PostgreSQL, Oracle
- And many more...
smart_identify_hash()- Enhanced hash identificationcrack_hash()- Crack single hash with various attack modescrack_multiple_hashes()- Batch hash crackingauto_attack_strategy()- Intelligent automated attacksbenchmark_hashcat()- Performance benchmarkingget_gpu_status()- Hardware monitoringanalyze_cracked_passwords()- Password security analysisgenerate_smart_masks()- Intelligent brute-force patternsestimate_crack_time()- Time estimation for attacks
This tool is for educational and authorized security testing purposes only. Always ensure you have proper authorization before testing any systems or hashes that don't belong to you.
This project is licensed under the MIT License - see the LICENSE file for details.
Happy Hashing! 🔓
