So today’s article is about another password cracking tool from my arsenal, which I use the most, whenever try to brute-force remote systems. Why so? I personally, consider Hydra as the best tool to brute-force various protocols, ranging from ftp logins to performing dictionary attack on Instagram, for the purpose of hacking accounts.

Intro to THC Hydra

Hydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely.

If you want a list of all the protocols, on which you can use hydra to perform dictionary attack, check out my gist on github: https://gist.github.com/iParamjotSingh/c17d3c694eea3073806d9d36585a6d55

My Opinion

It is really a great tool to work with, it has customization option, manage the way you want to brute-force, and is a very simple tool to use. Now, I really try brute-forcing the systems when there is no other bug/vulnerability I could find on the system I am testing on, the lot other tools might not be efficient enough to carry out this process with some normal code, this is where hydra stands out.

Not really much to talk about… Rest is just all about explaining how to starting the attack, with the available options. I will put that for some other post. And that’s it for this post. Let me know if you want more such article, I will be happy to upload.

Oh btw, THC in hydra means “The Hacker’s Choice”, if that’s what you wondering.

Nehh, just a n00b