Online and Offline Password Attacks

Brute-Force, Dictionary Attacks and Password Cracking

The "Hacking II: Password Attacks" chapter of binsec.wiki's Pentest Training delves into a critical aspect of penetration testing: exploiting weak or compromised passwords to gain unauthorized access. The chapter distinguishes between online and offline password attacks. Online attacks target live authentication services by repeatedly attempting logins using methods like brute-force or dictionary attacks, often constrained by rate-limiting and detection mechanisms. Offline attacks, on the other hand, involve cracking stolen password hashes without interacting with the live system—allowing for faster, stealthier attacks using tools like Hashcat or John the Ripper. Both techniques are essential in assessing the resilience of authentication systems and user password hygiene.

Hacking II: Password Attacks

Provide knowledge
Our Wiki

This is our binsec wiki page.

How to scan networks

The "Hacking I: Scanning Networks" chapter of binsec.wiki's Pentest Training covers the critical first step in penetration testing: network reconnaissance. This phase involves mapping the attack surface by identifying active hosts, open ports, and the services running on those ports within a target network. Read more.

Penetration Testing

Since 2013 we conduct professional penetration test, based on international industry standards and years of experience in penetration testing, red teaming and hacking.

As a company for professional penetration testing, we do some things differently than other pentest provider: As a penetration test firm, we do not sell vulnerability scans as pentest. We do also focus on business security risks. You are looking for a professionally conducted penetration tests? Get the binsec team for your Pentest. Read more about our pentest service.

Wiki
Online and Offline Password Attacks

Brute-Force, Dictionary Attacks and Password Cracking

Provide knowledge
Our Wiki

How to scan networks