Offline Password Cracking

What Is Offline Password Cracking?

Offline Password Cracking definition and explanation.

Offline password cracking technique involves recovering passwords from an already obtained password hash file. This happens after a hacker has already gained local access to an infected endpoint and starts to collect locally stored hashes or conducts other methods to attack the network, such as LLNMNR poisoning. The password/hash file is then dumped by the hacker on his local machine to initiate the process of password cracking via rainbow tables or other brute force methods.

By responding to LLMNR/NBT-NS network traffic, adversaries may spoof an authoritative source for name resolution to force communication with an adversary controlled system. This activity may be used to collect or relay authentication materials.

—attack.mitre.org

Glossary
Read our related blog posts
The Password Security Conundrum
May 6, 2021
The Password Security Conundrum

Why password security continues to be a critical issue despite evolving authentication methods.

Are Password Managers Broken?
January 26, 2023
Are Password Managers Broken?

Recent breaches raise concerns about password managers. Are they still safe to use?

How to Protect Microsoft Active Directory Passwords?
November 3, 2021
How to Protect Microsoft Active Directory Passwords?

Best practices for protecting Microsoft Active Directory passwords from misuse and breaches.

About Scirge
Shedding Light on Shadow IT

Scirge gives organizations the tools to discover and manage Shadow IT by tracking where and how corporate credentials are used across SaaS, supply-chain, GenAI, and other web applications. It helps discover Shadow SaaS and Shadow AI, and identify risks like password reuse, shared accounts, and phishing, while providing real-time awareness messages, automated workflows, and actionable insights.

Trusted by
Ready to discover
Shadow IT?
Shadow AI?
any SaaS app?
any GenAI app?
any supply chain access?
corporate password reuse?
shared accounts?
successful phishing?
SSO accounts?
weak online passwords?
overlapping services?
Contact us
Shadow IT and SaaS Discovery
Cloud and Corporate Identity Protecion
Compliance and Governance
Company
Product
HomeFeaturesPricing
Shadow IT and SaaS Discovery
Shadow IT Visibility And Monitoring
Cloud Application and Identity Inventories
Agentless Historical Shadow IT Audit
Shadow IT and SaaS Security
Password Protection for Corporate and Cloud Identities
Employee Education And Engagement
Phishing Detecion and Awareness
Identity Governance
Compliance with Shadow IT and Shadow AI Monitoring
Asset Management and Supply Chain Control
Cloud Identity Lifecycle Management
Resources
BlogGlossary
Company
AboutContactPrivacy Policy
Shedding Light on Shadow IT
© Scirge, 2025
Close Cookie Popup
Cookie settings
By clicking "Accept all cookies", you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Accept all cookiesCookie settings
Close Cookie Preference Manager
Cookie settings
By clicking 'Accept all cookies', you agree to storing cookies on your device to enhance site navigation, analyze site usage and assist in our marketing efforts as outlined in our privacy policy.
Strictly necessary (always active)
Cookies required to enable basic website functionality.
Accept all cookiesSave settings