Hydra is a parallelized network login cracker built in various operating systems like Kali Linux, Parrot and other major penetration testing environments. Hydra works by using different approaches to perform brute-force attacks in order to guess the right username and password combination. Hydra is commonly used by penetration testers together with a set of programmes like crunch, cupp etc, which are used to generate wordlists. Hydra is then used to test the attacks using the wordlists that these programmes created.
9.2 / March 15, 2021
|License||GNU General Public License (version 3 or later)|
Hydra is set to be updated over time as more services become supported. The creator of Hydra publishes his work in repositories like GitHub.
Here is a sample output in a Debian environment.
$ hydra -L names -P pws ftp://wanne.t-8ch.de [names = Username file, commonly with .txt extestion] [pws = Password file, commonly with .txt extestion] Hydra v7.3 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only Hydra (http://www.thc.org/thc-hydra) starting at 2013-02-09 00:54:40 [DATA] 16 tasks, 1 server, 516 login tries (l:43/p:12), ~32 tries per task [DATA] attacking service ftp on port 21 [ftp] host: 220.127.116.11 login: john password: passwd [STATUS] attack finished for wanne.t-8ch.de (waiting for children to finish) 1 of 1 target successfully completed, 1 valid password found Hydra (http://www.thc.org/thc-hydra) finished at 2013-02-09 00:54:51