Websites like CrackStation and Hashes.com internally use massive rainbow tables to provide fast password cracking for hashes without salts. Doing a lookup in a sorted list of hashes is quicker than trying to crack the hash.
example with Vunerabilities scanner + output in a file
nmap -sV -sC --script vuln -oN blue.map 10.80.148.21
(https://github.com/vulnersCom/nmap-vulners)
C:\Windows\System32\config - location where pass are stored
(https://codebeautify.org/javascript-obfuscator) (https://obf-io.deobfuscate.io/)
(https://tryhackme.com/room/hydra?taskNo=2&sharerId=69435a072b464127a6b6bfb7)