THC Hydra
Featured🔑 Password Attacks · C
THC Hydra is the most widely used online password brute-forcing tool. It supports over 50 protocols including SSH, FTP, HTTP, HTTPS, SMB, MySQL, MSSQL, PostgreSQL, LDAP, RDP, VNC, and many more. Hydra is fast and flexible, supporting parallel connections and multiple attack types. It's an essential tool for penetration testers verifying password policies and testing authentication mechanisms.
Installation
apt (Debian/Ubuntu)
$ sudo apt install hydrabrew (macOS)
$ brew install hydrafrom source
$ git clone https://github.com/vanhauser-thc/thc-hydra && cd thc-hydra && ./configure && make && sudo make installUse Cases
- Online password brute-forcing across 50+ protocols
- Password policy verification and auditing
- SSH/RDP credential testing
- Web form authentication testing
- Database credential testing
Tags
Details
- Category
- 🔑 Password Attacks
- Language
- C
- Repository
- vanhauser-thc/thc-hydra
Platforms
Alternatives & Comparisons
More in Password Attacks
John the Ripper
CFast password cracker. Supports hundreds of hash types and ciphers. CPU and GPU modes.
Hashcat
CWorld's fastest password recovery tool. GPU-accelerated with support for 300+ hash types.
Medusa
CSpeedy, parallel, modular brute-forcer. Supports HTTP, MySQL, SMB, SSH, Telnet, and more.
CeWL
RubyCustom wordlist generator. Spiders a target site and builds password lists from scraped words.
SecLists
ShellThe security tester's companion. Huge collection of wordlists — usernames, passwords, URLs, fuzzing payloads, shells.
Mimikatz
CExtract plaintext passwords, hashes, PIN codes, and Kerberos tickets from Windows memory.