Which tool can combine /etc/passwd and /etc/shadow into a single file for cracking?

Combining /etc/passwd with /etc/shadow is a standard preprocessing step for offline UNIX password cracking because passwd supplies the usernames and related fields, while shadow holds the salted hashes. To crack these efficiently, you need a single input that pairs each username with its corresponding hash and salt. John the Ripper is designed for cracking UNIX-style passwords and provides a utility (unshadow) that merges /etc/passwd and /etc/shadow into one dataset that John can read and crack. This makes it the natural choice for preparing UNIX password hashes for cracking, since it directly handles the pairing and formatting required by the tool. Other options are not built for this specific pre-processing workflow: Mimikatz targets Windows credential extraction, Cain & Abel is Windows-focused and not ideal for UNIX shadow formats, and Hashcat, while powerful, generally requires you to create or provide the appropriate hash file yourself and doesn’t include the integrated merging step.