Hydra is a popular open-source password cracking tool used for performing brute force attacks on various online services. It supports multiple protocols, such as HTTP, FTP, SSH, and more. Hydra allows attackers to attempt numerous username and password combinations to gain unauthorized access to accounts or systems. It is widely used by security professionals for penetration testing and assessing password security.
Options:
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-C FILE colon separated "login:pass" format, instead of -L/-P options
-M FILE list of servers to attack, one entry per line, ':' to specify port
-t TASKS run TASKS number of connects in parallel per target (default: 16)
-U service module usage details
-m OPT options specific for a module, see -U output for information
-h more command line options (COMPLETE HELP)
server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)
service the service to crack (see below for supported protocols)
OPT some service modules support additional input (-U for module help)
Supported services:
adam6500 asterisk cisco cisco-enable cobaltstrike cvs firebird
ftp[s] http[s]-{head|get|post} http[s]-{get|post}-form http-proxy http-proxy-urlenum
icq imap[s] irc ldap2[s] ldap3[-{cram|digest}md5][s] memcached mongodb mssql
mysql nntp oracle-listener oracle-sid pcanywhere pcnfs pop3[s] postgres radmin2
rdp redis rexec rlogin rpcap rsh rtsp s7-300 sip smb smtp[s] smtp-enum snmp socks5
ssh sshkey svn teamspeak telnet[s] vmauthd vnc xmpp
