Attacking basic authentication with THC Hydra

THC Hydra is a long-time favorite online password cracking tool among hackers and penetration testers.

Online cracking means that login attempts to the service are actually made. This may generate a lot of traffic and raise alerts on the server when security and monitoring tools are in place. For this reason, you should be especially careful when attempting an online brute force or dictionary attack over an application or server, and tune the parameters so that you have the best possible speed without overwhelming the server, raising alerts, or locking out user accounts.

A good approach for conducting online attacks when there is monitoring in place or an account lockout after a certain number ...

Get Web Penetration Testing with Kali Linux - Third Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.