- Nick Congleton
IntroductionHail Hydra! Okay, so we're not talking about the Marvel villains here, but we are talking about a tool that can definitely do some damage. Hydra is a popular tool for launching brute force attacks on login credentials.
Hydra has options for attacking logins on a variety of different protocols, but in this instance, you will learn about testing the strength of your SSH passwords. SSH is present on any Linux or Unix server and is usually the primary way admins use to access and manage their systems. Sure, cPanel is a thing, but SSH is still there even when cPanel is being used.
This guide makes use of wordlists to provide Hydra with passwords to test. If you aren't familiar with wordlists yet, go check out our Crunch guide.
Warning: Hydra is a tool for attacking. Only use it on your own systems and networks unless you have the written permission of the owner. Otherwise, it is illegal.