Notes on Brute Force Attacks using Hydra
3 min readNov 24, 2022
Part 1
Brute-forcing methods:
- offline (a.k.a offline password cracking)
- online (e.g. login forms)
I’ve seen people on twitter often mentioning wfuzz
and ffuf
for login brute-forcing. However, these notes are about the usage of thehydra
tool.
To install it on your local VM:
apt install hydra -y
There can be different scenarios for brute-forcing, such as brute-forcing basic HTTP auth, brute-forcing for default…