Originally Posted by
staticn0de
That is why you use a hashcat brute force attack with masks.
You can define that (for example) the first 6 characters are letters with the 1st of that six is always a capital. Out of the remaining 4, 3 are numbers and the 4th digit is a special character.
This means we get Aaaaaa000! to Zzzzzz999* are everything between. Its more likely that a password will be Lasors165! instead of A3%h@j&d6^