THC Hydra Password Cracker

Hydra is a fast and flexible network logon cracker that supports over 50 protocols for performing brute-force and dictionary attacks against network services. Developed by The Hacker's Choice (THC) organization since 2001 by Van Hauser, with over 10,000 stars as of 2026, Hydra is one of the most widely used security assessment tools for testing authentication strength. Key features include: protocol support (FTP, HTTP, HTTPS, SMTP, SMTPS, IMAP, IMAPS, POP3, POP3S, SSH, Telnet, VNC, RDP, SMB, RSH, MySQL, PostgreSQL, MSSQL, Oracle, LDAP2, LDAP3, SNMP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, ICQ, IRC, NNTP, NCP, NRPC, PCAnywhere, RTSP, SAP R/3, SFTP, SIP, Socks5, SSH, SVN, Teamspeak, Vmauthd, and X11), parallel attacks (up to 64 concurrent connections per target with configurable thread counts), authentication methods (basic, digest, NTLM, HTTP form-based, and service-specific auth), password lists (support for custom wordlists, username lists, and combined credential files), timing control (connection timeout, response timeout, and rate limiting to avoid lockouts), SSL and TLS (full support for encrypted protocols with configurable certificate verification), credential cycling (automatic username and password cycling with optional null password attempts and reverse login attempts), target specification (single host, host range, or file-based target list with per-port configuration), proxy support (HTTP and SOCKS proxy chaining for routing attacks through intermediate servers), and verbose output (detailed progress display with found credentials highlighted).