How is Cryptomator protected from brute force attacks?

Welcome to the Cryptomator Community :slightly_smiling_face:

Cryptomator protects your vault masterkey with two things:

  • the password chosen by you
  • scrypt, a “hard-to-bruteforce” function to create a key from your password

This is the industry standard nowadays. Hence, the security of your vault depends on the password you chose. See also How exactly does Cryptomator's use of Scrypt protect against brute force attacks? - #2 by tja

Regarding the tool you linked: If you don’t have additional knowledge of the password (e.g. “the first char was a digit, then there were three lower case letters and the last character is a question mark”), a cracker does not do a better job than simple brute forcing. And brute forcing can take a long, long time:

We want to crack the password: Julia1984
In a traditional brute-force attack we require a charset that contains all upper-case letters, all lower-case letters and all digits (aka “mixalpha-numeric”). The password length is 9, so we have to iterate through 62^9 (13.537.086.546.263.552) combinations. Let's say we crack with a rate of 100M/s; this requires more than 4 years to complete.

And the above calculation does not even account for scrypt. You can read our docs for more info about the security architecture of Cryptomator.
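To put the numbers in this answer into code, here is an added example (not from this thread or from the Cryptomator project) that computes the 62^9 keyspace and the time to exhaust it at 100M guesses/s, then measures how much a scrypt key derivation slows every guess compared with a plain hash. The scrypt work factors and the salt are assumptions, labelled in the code.

```python
import hashlib
import hmac
import time

# "mixalpha-numeric": upper-case + lower-case letters + digits, as in the quoted example.
MIXALPHA_NUMERIC = 26 + 26 + 10  # 62

# scrypt work factors. ASSUMPTION: chosen to mirror Cryptomator's documented
# defaults (N = 2^15, r = 8, p = 1); the thread itself does not state them.
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2 ** 15, 8, 1

def keyspace(charset_size: int, length: int) -> int:
    """Number of candidate passwords of exactly `length` over the charset."""
    return charset_size ** length

def years_to_exhaust(candidates: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at a constant guessing rate."""
    return candidates / guesses_per_second / (365 * 24 * 3600)

def derive_kek(password: str, salt: bytes, n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P) -> bytes:
    """Key-encryption key from the password; every guess pays one full scrypt run."""
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, n=n, r=r, p=p,
                          dklen=32, maxmem=2 ** 27)

def password_matches(guess: str, salt: bytes, expected_kek: bytes, **params) -> bool:
    """Constant-time check of a guess against the stored key-encryption key."""
    return hmac.compare_digest(derive_kek(guess, salt, **params), expected_kek)

def scrypt_slowdown(salt: bytes, rounds: int = 3, **params) -> float:
    """Ratio: cost of one scrypt guess versus one plain SHA-256 guess."""
    t0 = time.perf_counter()
    for i in range(10_000):
        hashlib.sha256(b"guess%d" % i + salt).digest()
    sha_cost = (time.perf_counter() - t0) / 10_000
    t0 = time.perf_counter()
    for i in range(rounds):
        derive_kek("guess%d" % i, salt, **params)
    return (time.perf_counter() - t0) / rounds / sha_cost

if __name__ == "__main__":
    space = keyspace(MIXALPHA_NUMERIC, 9)  # 62^9 = 13537086546263552
    print("years at 100M guesses/s, no KDF:", round(years_to_exhaust(space, 1e8), 2))
    factor = scrypt_slowdown(b"constructed-demo-salt")  # constructed salt, not a real vault's
    print("one scrypt guess costs about %.0f SHA-256 guesses" % factor)
    print("years on the same hardware with scrypt:", round(years_to_exhaust(space, 1e8 / factor)))
```

The measured ratio depends on the machine, but the point holds on any of them: the attacker's 100M/s rate is for a cheap hash, and scrypt divides it by the factor printed here.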


But instead of brute forcing the password, which is very hard due to scrypt, you can directly brute force the encryption masterkey. It is 256-bit long and encrypted with AES-256, which is assumed to be quantum safe for a long time.
