One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version.


Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP.

Change Log
  • New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!)
  • Added support for win8 and win2012 server to the RDP module
  • Better target distribution if -M is used
  • Added colored output (needs libcurses)
  • Better library detection for current Cygwin and OS X
  • Fixed the -W option
  • Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested
  • Fixed HTTP Form module false positive when no answer was received from the server
  • Fixed SMB module return code for invalid hours logon and LM auth disabled
  • Fixed http-{get|post-form} from xhydra
  • Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz)
  • Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-)
  • Added debug mode option to usage (thanks to Anold Black)

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.