HashKitty: Distributed Password Analysis

TL;DR

HashKitty is a scalable distributed platform that enhances password analysis efficiency by integrating hashcat across diverse computational nodes via a web-based control system.

Contribution

This work introduces a novel distributed architecture for password analysis that supports heterogeneous hardware and provides real-time workload management.

Findings

Effective workload distribution across diverse nodes

Successful integration of hashcat with distributed architecture

Demonstrated scalability and flexibility of the platform

Abstract

This article documents the HashKitty platform, a distributed solution for password analysis based on the hashcat tool, designed to improve efficiency in both offensive and defensive security operations. The main objectives of this work are to utilise and characterise the hashcat tool, to develop a central platform that connects various computational nodes, to allow the use of nodes with different equipment and manufacturers, to distribute tasks among the nodes through a web platform, and to perform distributed password analysis. The results show that the presented solution achieves the proposed objectives, demonstrating effectiveness in workload distribution and password analysis using different types of nodes based on various operating systems and architectures. The architecture of HashKitty is based on a scalable and modular distributed architecture, composed of several components such as computational nodes, integration and control software, a web platform that implements our API, and database servers. In order to achieve a fast and organised development process for our application we used multiple frameworks, runtimes and libraries. For the communication between the computational nodes and the other software we made use of websockets so that we have real-time updates between them.