To use a compressed wordlist, you must stream the decompressed data into Hashcat using standard input (stdin) via a piping command ( | ). The Standard Input Mechanism
Compressed wordlists are not merely a convenience—they are a necessity for modern password recovery at scale. Hashcat’s native support for .gz and .zip formats eliminates the friction of manual decompression while maintaining cracking performance. For other formats, Unix pipelines provide universal compatibility, albeit with some limitations. hashcat compressed wordlist
| | Compression Ratio | Decompression Speed | Memory Usage | Hashcat Native? | Best Use Case | |------------|----------------------|------------------------|------------------|---------------------|-------------------| | Gzip | Good (~12%) | Fast | Very low (2 MB) | ✅ Yes | Daily cracking, general purpose | | ZIP | Good (~12%) | Fast | Low | ✅ Yes | General purpose, Windows compatibility | | Zstd | Good to Excellent | Very Fast | Moderate | ❌ (via pipe) | Speed-optimized cracking, large wordlists | | XZ | Excellent (~7%) | Slow | Very high (GBs) | ❌ (via pipe) | Archival storage only | | Bzip2 | Poor | Very Slow | Low | ❌ (via pipe) | Not recommended | To use a compressed wordlist, you must stream
HASH=$1 MODE=$2
for exceptionally large wordlists (terabyte-scale uncompressed), as it avoids certain internal ZIP file size limits. Advanced Piping (The "Zcat" Method) Advanced Piping (The "Zcat" Method) zcat rockyou
zcat rockyou.txt.gz | hashcat -m 0 -a 0 hashes.txt