{
	"id": "bd7a4050-0a13-4ed6-8f08-077727af379b",
	"created_at": "2026-04-06T00:13:43.676787Z",
	"updated_at": "2026-04-10T03:21:47.701617Z",
	"deleted_at": null,
	"sha1_hash": "4a75f35efddfd81eef0b999a8c71456e4c07f6bb",
	"title": "hydra | Kali Linux Tools",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 67426,
	"plain_text": "hydra | Kali Linux Tools\r\nArchived: 2026-04-05 21:46:46 UTC\r\nTool Documentation:\r\nhydra Usage Example\r\nAttempt to login as the root user ( -l root ) using a password list ( -P\r\n/usr/share/wordlists/metasploit/unix_passwords.txt ) with 6 threads ( -t 6 ) on the given SSH server\r\n( ssh://192.168.1.123 ):\r\nroot@kali:~# hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 6 ssh://192.168.1.123\r\nHydra v7.6 (c)2013 by van Hauser/THC \u0026 David Maciejak - for legal purposes only\r\nHydra (http://www.thc.org/thc-hydra) starting at 2014-05-19 07:53:33\r\n[DATA] 6 tasks, 1 server, 1003 login tries (l:1/p:1003), ~167 tries per task\r\n[DATA] attacking service ssh on port 22\r\npw-inspector Usage Example\r\nRead in a list of passwords ( -i /usr/share/wordlists/nmap.lst ) and save to a file ( -o /root/passes.txt ),\r\nselecting passwords of a minimum length of 6 ( -m 6 ) and a maximum length of 10 ( -M 10 ):\r\nroot@kali:~# pw-inspector -i /usr/share/wordlists/nmap.lst -o /root/passes.txt -m 6 -M 10\r\nroot@kali:~# wc -l /usr/share/wordlists/nmap.lst\r\n5086 /usr/share/wordlists/nmap.lst\r\nroot@kali:~# wc -l /root/passes.txt\r\n4490 /root/passes.txt\r\nPackages and Binaries:\r\nhydra\r\nVery fast network logon cracker\r\nHydra is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and\r\nnew modules are easy to add.\r\nThis tool makes it possible for researchers and security consultants to show how easy it would be to gain\r\nunauthorized access to a system remotely.\r\nhttps://tools.kali.org/password-attacks/hydra\r\nPage 1 of 5\n\nIt supports: Cisco AAA, Cisco auth, Cisco enable, CVS, FTP, HTTP(S)-FORM-GET, HTTP(S)-FORM-POST,\r\nHTTP(S)-GET, HTTP(S)-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MySQL, NNTP, Oracle\r\nListener, Oracle SID, PC-Anywhere, PC-NFS, POP3, PostgreSQL, RDP, Rexec, Rlogin, Rsh, SIP, SMB(NT),\r\nSMTP, SMTP Enum, SNMP v1+v2+v3, SOCKS5, SSH (v1 and v2), SSHKEY, Subversion, Teamspeak (TS2),\r\nTelnet, VMware-Auth, VNC and XMPP.\r\nInstalled size: 964 KB\r\nHow to install: sudo apt install hydra\r\nDependencies:\r\ndpl4hydra\r\nGenerates a (d)efault (p)assword (l)ist as input for THC hydra\r\nroot@kali:~# dpl4hydra -h\r\ndpl4hydra v0.9.9 (c) 2012 by Roland Kessler (@rokessler)\r\nSyntax: dpl4hydra [help] | [refresh] | [BRAND] | [all]\r\nThis script depends on a local (d)efault (p)assword (l)ist called\r\n/root/.dpl4hydra/dpl4hydra_full.csv. If it is not available, regenerate it with\r\n'dpl4hydra refresh'. Source of the default password list is\r\nhttp://open-sez.me\r\nOptions:\r\n help Help: Show this message\r\n refresh Refresh list: Download the full (d)efault (p)assword (l)ist\r\n and generate a new local /root/.dpl4hydra/dpl4hydra_full.csv file. Takes time!\r\n BRAND Generates a (d)efault (p)assword (l)ist from the local file\r\n /root/.dpl4hydra/dpl4hydra_full.csv, limiting the output to BRAND systems, using\r\n the format username:password (as required by THC hydra).\r\n The output file is called dpl4hydra_BRAND.lst.\r\n all Dump list of all systems credentials into dpl4hydra_all.lst.\r\nExample:\r\n# dpl4hydra linksys\r\nFile dpl4hydra_linksys.lst was created with 20 entries.\r\n# hydra -C ./dpl4hydra_linksys.lst -t 1 192.168.1.1 http-get /index.asp\r\nhydra\r\nA very fast network logon cracker which supports many different services\r\nhttps://tools.kali.org/password-attacks/hydra\r\nPage 2 of 5\n\nroot@kali:~# hydra -h\r\nHydra v9.6 (c) 2023 by van Hauser/THC \u0026 David Maciejak - Please do not use in military or secret service organiz\r\nSyntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e nsr] [-o FILE] [-t TASKS] [-M FILE [-T TA\r\nOptions:\r\n -R restore a previous aborted/crashed session\r\n -I ignore an existing restore file (don't wait 10 seconds)\r\n -S perform an SSL connect\r\n -s PORT if the service is on a different default port, define it here\r\n -l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE\r\n -p PASS or -P FILE try password PASS, or load several passwords from FILE\r\n -x MIN:MAX:CHARSET password bruteforce generation, type \"-x -h\" to get help\r\n -y disable use of symbols in bruteforce, see above\r\n -r use a non-random shuffling method for option -x\r\n -e nsr try \"n\" null password, \"s\" login as pass and/or \"r\" reversed login\r\n -u loop around users, not passwords (effective! implied with -x)\r\n -C FILE colon separated \"login:pass\" format, instead of -L/-P options\r\n -M FILE list of servers to attack, one entry per line, ':' to specify port\r\n -D XofY Divide wordlist into Y segments and use the Xth segment.\r\n -o FILE write found login/password pairs to FILE instead of stdout\r\n -b FORMAT specify the format for the -o FILE: text(default), json, jsonv1\r\n -f / -F exit when a login/pass pair is found (-M: -f per host, -F global)\r\n -t TASKS run TASKS number of connects in parallel per target (default: 16)\r\n -T TASKS run TASKS connects in parallel overall (for -M, default: 64)\r\n -w / -W TIME wait time for a response (32) / between connects per thread (0)\r\n -c TIME wait time per login attempt over all threads (enforces -t 1)\r\n -4 / -6 use IPv4 (default) / IPv6 addresses (put always in [] also in -M)\r\n -v / -V / -d verbose mode / show login+pass for each attempt / debug mode\r\n -O use old SSL v2 and v3\r\n -K do not redo failed attempts (good for -M mass scanning)\r\n -q do not print messages about connection errors\r\n -U service module usage details\r\n -m OPT options specific for a module, see -U output for information\r\n -h more command line options (COMPLETE HELP)\r\n server the target: DNS, IP or 192.168.0.0/24 (this OR the -M option)\r\n service the service to crack (see below for supported protocols)\r\n OPT some service modules support additional input (-U for module help)\r\nSupported services: adam6500 asterisk cisco cisco-enable cobaltstrike cvs firebird ftp[s] http[s]-{head|get|post\r\nHydra is a tool to guess/crack valid login/password pairs.\r\nLicensed under AGPL v3.0. The newest version is always available at;\r\nhttps://github.com/vanhauser-thc/thc-hydra\r\nPlease don't use in military or secret service organizations, or for illegal\r\npurposes. (This is a wish and non-binding - most such people do not care about\r\nhttps://tools.kali.org/password-attacks/hydra\r\nPage 3 of 5\n\nlaws and ethics anyway - and tell themselves they are one of the good ones.)\r\nThese services were not compiled in: afp ncp oracle sapr3.\r\nUse HYDRA_PROXY_HTTP or HYDRA_PROXY environment variables for a proxy setup.\r\nE.g. % export HYDRA_PROXY=socks5://l:p@127.0.0.1:9150 (or: socks4:// connect://)\r\n % export HYDRA_PROXY=connect_and_socks_proxylist.txt (up to 64 entries)\r\n % export HYDRA_PROXY_HTTP=http://login:pass@proxy:8080\r\n % export HYDRA_PROXY_HTTP=proxylist.txt (up to 64 entries)\r\nExamples:\r\n hydra -l user -P passlist.txt ftp://192.168.0.1\r\n hydra -L userlist.txt -p defaultpw imap://192.168.0.1/PLAIN\r\n hydra -C defaults.txt -6 pop3s://[2001:db8::1]:143/TLS:DIGEST-MD5\r\n hydra -l admin -p password ftp://[192.168.0.0/24]/\r\n hydra -L logins.txt -P pws.txt -M targets.txt ssh\r\nhydra-wizard\r\nWizard to use hydra from command line\r\nroot@kali:~# man hydra-wizard\r\nHYDRA-WIZARD(1) General Commands Manual HYDRA-WIZARD(1)\r\nNAME\r\n HYDRA-WIZARD - Wizard to use hydra from command line\r\nDESCRIPTION\r\n This script guide users to use hydra, with a simple wizard that will\r\n make the necessary questions to launch hydra from command line a fast\r\n and easily\r\n 1. The wizard ask for the service to attack\r\n 2. The target to attack\r\n 3. The username o file with the username what use to attack\r\n 4. The password o file with the passwords what use to attack\r\n 5. The wizard ask if you want to test for passwords same as login, null\r\n or reverse login\r\n 6. The wizard ask for the port number to attack\r\n Finally, the wizard show the resume information of attack, and ask if\r\n you want launch attack\r\nSEE ALSO\r\n hydra(1), dpl4hydra(1),\r\nAUTHOR\r\n hydra-wizard was written by Shivang Desai \u003cshivang.ice.2010@gmail.com\u003e.\r\nhttps://tools.kali.org/password-attacks/hydra\r\nPage 4 of 5\n\nThis manual page was written by Daniel Echeverry \u003cepsilon77@gmail.com\u003e,\r\n for the Debian project (and may be used by others).\r\n 19/01/2014 HYDRA-WIZARD(1)\r\npw-inspector\r\nA tool to reduce the password list\r\nroot@kali:~# pw-inspector -h\r\nPW-Inspector v0.2 (c) 2005 by van Hauser / THC vh@thc.org [https://github.com/vanhauser-thc/thc-hydra]\r\nSyntax: pw-inspector [-i FILE] [-o FILE] [-m MINLEN] [-M MAXLEN] [-c MINSETS] -l -u -n -p -s\r\nOptions:\r\n -i FILE file to read passwords from (default: stdin)\r\n -o FILE file to write valid passwords to (default: stdout)\r\n -m MINLEN minimum length of a valid password\r\n -M MAXLEN maximum length of a valid password\r\n -c MINSETS the minimum number of sets required (default: all given)\r\nSets:\r\n -l lowcase characters (a,b,c,d, etc.)\r\n -u upcase characters (A,B,C,D, etc.)\r\n -n numbers (1,2,3,4, etc.)\r\n -p printable characters (which are not -l/-u/-n, e.g. $,!,/,(,*, etc.)\r\n -s special characters - all others not within the sets above\r\nPW-Inspector reads passwords in and prints those which meet the requirements.\r\nThe return code is the number of valid passwords found, 0 if none was found.\r\nUse for security: check passwords, if 0 is returned, reject password choice.\r\nUse for hacking: trim your dictionary file to the pw requirements of the target.\r\nUsage only allowed for legal purposes.\r\nUpdated on: 2025-Dec-09\r\nSource: https://tools.kali.org/password-attacks/hydra\r\nhttps://tools.kali.org/password-attacks/hydra\r\nPage 5 of 5",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://tools.kali.org/password-attacks/hydra"
	],
	"report_names": [
		"hydra"
	],
	"threat_actors": [],
	"ts_created_at": 1775434423,
	"ts_updated_at": 1775791307,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/4a75f35efddfd81eef0b999a8c71456e4c07f6bb.pdf",
		"text": "https://archive.orkl.eu/4a75f35efddfd81eef0b999a8c71456e4c07f6bb.txt",
		"img": "https://archive.orkl.eu/4a75f35efddfd81eef0b999a8c71456e4c07f6bb.jpg"
	}
}