It is not a secret that the majority of users choose basic and easy to remember words as passwords. This peculiarity allows much faster password attack. We will explore passwords sample and its statistics to find basic patterns and create dictionaries. We will also explain how to create hashcat rules using patterns and how to test them with real password databases in order to formulate statistically better rules.