Forrest logo
tool overview
On this page you find all important commands for the CLI tool hydra. If the command you are looking for is missing please ask our AI.

hydra

Hydra is a powerful command line tool used for attacking remote services. It is designed to perform brute-force and dictionary attacks against protocols such as SSH, FTP, Telnet, HTTP, and more.

  1. Hydra supports multiple attack scenarios, including username/password-based attacks, password lists, and user-defined character sets.
  2. It can launch parallel attacks against multiple target hosts simultaneously, optimizing the scanning process.
  3. Hydra's modular design allows easy integration with other tools and scripts for automation.
  4. It has a flexible and user-friendly syntax that enables customization for different attack scenarios.
  5. Hydra provides customizable retry options, timeout settings, and delay intervals to evade detection and bypass security mechanisms like account lockouts.
  6. It supports various proxy types, enabling attacks through SOCKS4, SOCKS5, and HTTP proxies.
  7. Hydra supports SSL/TLS encryption, making it suitable for attacking secure services.
  8. It provides detailed statistics and progress monitoring during the attack, allowing users to track its effectiveness.
  9. Hydra is actively updated and maintained, ensuring compatibility and support for the latest protocols and vulnerabilities.
  10. However, it's worth noting that Hydra should only be used in controlled environments or with proper authorization, as unauthorized use can lead to legal consequences.

List of commands for hydra:

  • hydra:tldr:0f1df hydra: Guess HTTPS webform credentials using two specific lists of usernames and passwords ("https_post_request" can be like "username=^USER^&password=^PASS^").
    $ hydra -L ${path-to-usernames-txt} -P ${path-to-wordlist-txt} ${host_ip} ${https-post-form} "${url_without_host}:${https_post_request}:${login_failed_string}"
    try on your machine
    explain this command
  • hydra:tldr:1fdb2 hydra: Guess SSH credentials using a given username and a list of passwords.
    $ hydra -l ${username} -P ${path-to-wordlist-txt} ${host_ip} ${ssh}
    try on your machine
    explain this command
  • hydra:tldr:4f479 hydra: Guess RDP credentials using a username and a passwords list, showing each attempt.
    $ hydra -l ${username} -P ${path-to-wordlist-txt} -V ${rdp:--host_ip}
    try on your machine
    explain this command
  • hydra:tldr:a926f hydra: Guess MySQL credentials using a username and a passwords list, exiting when a username/password pair is found.
    $ hydra -l ${username} -P ${path-to-wordlist-txt} -f ${host_ip} ${mysql}
    try on your machine
    explain this command
  • hydra:tldr:b4d84 hydra: Guess POP3 credentials on a list of hosts using usernames and passwords lists, exiting when a username/password pair is found.
    $ hydra -L ${path-to-usernames-txt} -P ${path-to-wordlist-txt} -M ${path-to-hosts-txt} -F ${pop3}
    try on your machine
    explain this command
  • hydra:tldr:c45be hydra: Guess IMAP credentials on a range of hosts using a list of colon-separated username/password pairs.
    $ hydra -C ${path-to-username_password_pairs-txt} ${imap:--[host_range_cidr]}
    try on your machine
    explain this command
  • hydra:tldr:f04b6 hydra: Guess FTP credentials using usernames and passwords lists, specifying the number of threads.
    $ hydra -L ${path-to-usernames-txt} -P ${path-to-wordlist-txt} -t ${n_tasks} ${host_ip} ${ftp}
    try on your machine
    explain this command
tool overview