The number one biggest security hole is passwords, as every password security study shows. Hydra is a parallelized (multi-threaded) login cracker which supports attacking/cracking numerous protocols. New modules are easy to add, beside that, it is flexible and very fast.
We haven’t mentioned Hydra since way back in 2007 – THC-Hydra – The Fast and Flexible Network Login Hacking Tool
Currently this tool supports:
TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL,
MYSQL, REXEC,RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5,
VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3,
Postgres, Teamspeak, Cisco auth, Cisco enable, AFP, LDAP2,
Cisco AAA (incorporated in telnet module).
Recent changes for v5.8
- Added Apple Filing Protocol (thank to “never tired” David Maciejak @ gmail dot com)
- Fixed a big bug in the SSL option (-S)
Additions prior to public release (v5.7 and before)
- Added ncp support plus minor fixes (by David Maciejak @ GMAIL dot com)
- Added an old patch to fix a memory from SSL and speed it up too from kan(at)dcit.cz
- Removed unnecessary compiler warnings
- Enhanced the SSH2 module based on an old patch from aris(at)0xbadc0de.be
- Fixed small local defined overflow in the teamspeak module. Does it still work anyway??
- Moved to GPLv3 License (lots of people wanted that)
- Upgraded ssh2 module to libssh-0.4.x (thanks to aris (at) 0xbadc0de.be for the 0.2 basis)
- Added firebird support (by David Maciejak @ GMAIL dot com)
- Added SIP MD5 auth patch (by Jean-Baptiste Aviat jba [at] hsc [dot] `french tld’)
- Removed Palm and ARM support
- Fix for cygwin which falsely detected postgres library when there was none.
You can download Hydra v5.8 here:
Or read more here.