Hydra (or THC Hydra) is a parallelized network login cracker built in various operating systems like Kali Linux, Parrot and other major penetration testing environments.[2] Hydra works by using different approaches to perform brute-force attacks in order to guess the right username and password combination. Hydra is commonly used by penetration testers together with a set of programmes like crunch,[3] cupp[4] etc, which are used to generate wordlists. Hydra is then used to test the attacks using the wordlists that these programmes created.

THC Hydra
Developer(s)THC
Stable release
9.4 / September 8, 2022; 2 years ago (2022-09-08)[1]
Repositorygithub.com/vanhauser-thc/thc-hydra
Written inC
Operating systemCross-platform
PlatformUnix
TypePassword cracking
LicenseGNU General Public License (version 3 or later)
Websitewww.thc.org

Hydra is set to be updated over time as more services become supported. The creator of Hydra publishes his work in repositories like GitHub.

Supported protocols

edit

Hydra supports many common login protocols like forms on websites, FTP, SMB, POP3, IMAP, MySQL, VNC, SSH, HTTP(S) and others.[5]

References

edit
  1. ^ "Releases · vanhauser-thc/thc-hydra". github.com. Retrieved 2023-03-07.
  2. ^ McNab, Chris (November 2011). Network Security Assessment: Know Your Network. O'Reilly Media, Inc. p. 181. ISBN 978-0-596-51933-9.
  3. ^ "Crunch | Kali Linux Tools".
  4. ^ "CUPP - Common User Passwords Profiler". GitHub. Retrieved 2021-02-04.
  5. ^ "Debian -- Details of package hydra in buster". packages.debian.org. Retrieved 2020-05-26.
edit