Home page logo

THC Hydra

When you need to brute force crack a remote authentication service, Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more. Like THC Amap this release is from the fine folks at THC. Other online crackers are Medusa and Ncrack. The Nmap Security Scanner also contains many online brute force password cracking modules. For downloads and more information, visit the THC Hydra homepage.

Popularity #22, 7
Rating ★★★★ (17)
Latest release 8.2
June 16, 2016
(4 years, 10 months ago)


no rating CHS_HK

this is the new link https://github.com/vanhauser-thc/thc-hydra

★★★★★ Yousef

My account was hacked from Tik Tok and I want revenge

no rating ow

I just find it annoying that the restore doesn't take into consideration the number of passwords already tested so that the speed is just a messy guess. Great tool, but the password generator is so weak.

no rating Oscar Henriquez

update the link https://github.com/vanhauser-thc/THC-Archive/tree/master/Tools

no rating Satoshi Nakamoto

Sorry mate for this comment for usa and europe. For admin please deleted a comment. Sorry for my comment. Thanks

Satoshi Nakamoto

It's old and cannot efective, you can create application for hacking called cracked but it's put manually password and can't automatically get the password.

This is a stupid and idiot cracked. You lose europe and united states of america.


hydra does not continue brute force after password is found. The -f option is not even used. How do i fix this?

@ram3a t.me

Hydra can not log in correctly on Google or Yahoo, even with proxy list ,

★★★★★ littl

This comment section tho. :o)

Thanks Harvey for the new link of Hydra website will dig that. I'm currently trying to recover the user and psw of my router and I need more information about the command possibilities.

PS : Hydra was not meant to easily crack any password in the world, it's more like a tool to test your network security.

PPS : Love the anispam question, very smart ! Thanks for making my education :D

no rating magizian


THC Hydra binary port for android.

★★★★★ no one important here

when wll be websitte up, i wanted ti learrn how to hack

i mean i jysst want to hack, with this miracle of tech u dont even have to learn anythign, its simplu as cliccking randomly on the keyboard

no rating NotMe

I cant believe the comments her lol sooooooo fucking stupid. Except you kamalakkannan. You are awsome.

★★★★ Ali the arabian

THC website is DEAD 25443222223334444444444444r4rtsdtttt

no rating DeadLink

THC Site link is dead. 23242526272829303132333435363738394041424344454647484950

★★★★★ kamalakkannan

hai sir i am a kamalakkannan from india not hack a gmail account how to hack a gmail account with out pass list

no rating Max Lee

Heya, Anyone know how Hydra determines attack speed? Using my PC i can get anywhere between 75 -150 per minute. How many per minute will a Pi do?

no rating Ashok

I am trying to brute force a Login.aspx page. It has two text fields - txt_Username and txt_Password The form submit however looks like this:

<input type="submit" name="btn_Login" value="Login" onclick="javascript:WebForm_DoPostBackWithOptions(new WebForm_PostBackOptions(&quot;btn_Login&quot;, &quot;&quot;, true, &quot;&quot;, &quot;&quot;, false, false))" id="btn_Login" class="btn btn-success"> On wrong login, there is a popup which shows the message Wrong User Name or Password. I have a correct username and password for testing. I put that, along with few wrong passwords in mostcommon.txt file. I ran the below command:

.\hydra -V -l 10026 -P mostcommon.txt -o found.txt xxx.yyy http-post-form “/Login.aspx:txt_Username=^USER^&txt_Password=^PASS^:Wrong" However, I get all 5 passwords as valid. What am I doing wrong? Any help would be much appreciated.

no rating lol

the amount of idiots on here who've just learned about XSS lol, i'm sure it'll work if you try hard enough!

★★★★★ bjamse

WoW this commentsection page is actually not dead!?!? Well that is quite impressive actually :)

no rating David

If you want to use Hydra I would just recommend getting an iso of Kali linux just go to Kali.org and download the iso file and burn it i'm pretty sure people are gonna get mad at this comment this is just a suggestion.

no rating asdf

<img src = "ffadf.com" onerror = "alert(1)"></img> sup basdfasdfasdfasdfasdfasdfasdfasddd

no rating -


★★★★★ noname

A nu cheeki 🅱️reeki

сука блять

no rating noname

Привет народ) Перебор по словарю? Серьёзно? А есть более ПРОДВИНУТЫЕ способы? Например через OS pentest (penetration testing) Ах да, с России есть кто? :-)

no rating Patrick

I notice that some people on this comment page are just asking to access an email account or a game account. keep in mind that THC Hydra brute forces using a dictionary attack, meaning that a file with a bank of common passphrases is run through by the program, to crack an authentication service. You can't just expect it to plug into an auth. service and instantly crack the password, unless you give it limitations (I'm assuming, because I use aircrack-ng with crunch), so it knows where to look. I recommend that you read the README file included. If you don't understand what it says, then... I don't know, man.

no rating DAVID


no rating "<h1>hello</h1>

good program good program good program good program

no rating heavs

i need to get a password of a forgotten email address its of a friend av tried but cant managecan i get help

no rating s


no rating Andre

great website never seen alike hope to see you all in forum bye now

no rating Christy K Kurian

How we can use big wordlist on Hydra Mine shows an error maximum allowed password 50000000 But mine is more than that

no rating polaalaa

please i want to instal kali linux on my pc any link pls

and please i need a hacker who can hack account in usa

pls contact me01275380062

no rating lulu

Hello Epic Hacker, i would like to catch back the gmail of our association, which has been blocked. There is the work of the association since 2007. So please could you help ? Thanks

no rating Aleesha Wolf

Hello Epic Hacker, I would like to hack a game called Animal Jam, A player i wanna hack, there username is lolyogo101, i want to go on her account and ruin it.

no rating taiwo

please i want to instal kali linux on my pc any link pls

and please i need a hacker who can hack account in usa

pls contact me +2348138015692


I have used Cygwin to install Hydra 8 on my Windows 7 OS, however, when using the "./xhydra" command, I receive this error: "Gtk-WARNING **: cannot open display". Any advice?

★★★★ Zerghunter666

I use THC-Hydra on my Raspberry Pi 3 with a copy of Kali Linux and its great easy and worth it!

★★★★★ Linux User

try installing xhydra on you Linux from the software center its easier to use and works!

★★★★★ ahmad

Hi There : I have try to hack my own gmail account so i try to put the right username and a list in passowrd include the right one i execute the command :

hydra smtp.gmail.com smtp -l (MY ACCOUNT@gmail.com) -P worldlists/passwords.lst -s 465 -v -V

when it's finish the account pass doesn't exist


no rating tat2

</p><script>alert('Hail Hydra') </script> <p>

no rating tat newer comment by this user ↑

"<script>alert('Hail Hydra') </script> <p> "test this concept out lol

no rating DeNZeL

hydra is dead? Why latest release 8.1 Dec. 8, 2014? =(!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

no rating Slimbo

Hello Friends, I am looking for big big bank accounts. I heard this tool is good for hacking mad stacks so please inquire me as to send this money towards my funds and Thank You.

no rating Tom


no rating joshua

can anyone tell me how to install hydra 8.1. I am not finding any exe file. please help me

no rating Help?

Would anyone be willing to crack a password for me? I have the IP already.

no rating vampire

Find this to be almost always quicker than ncrack.

no rating BryceMc

Please send me a direct link to the actual download not any ads or surveys.

no rating Bobby

Can you please make a website for this, that we can do off of a website

★★★★★ Harvey

Suggest changing the link in the main article as Hydra has moved to a GitHub server. https://github.com/vanhauser-thc/thc-hydra Your welcome :)

no rating Julz

Hey Dekota Coppler, your link to the site you gave has expired, there's no download there mate.

no rating Daniel Niu

I used this to hack into Mr. Diamonds email


no rating sihag

The download links not working. Plz provide another link, or email me the apk.

★★★★★ cisco

I have been using this for my internal ethical hacking tasks to brute force telnet access to Cisco network devices (routers, switches etc) with great success. It is very fast and stable tool. Have been using it on Kali Linux lately.

no rating Raptrex

I have a problem, I was instaling hydra using a guide from google, i did everything but when i enter the place in cmd where I puted hydra files it says it cant finde path but i did everything.... my mail is mr.black056@gmail.com if anyone can help me install hydra, to explain me from skratch how to do it

no rating Dakota Coppler

For anyone interested in using hydra for your android phone I made it extremely simple..

Download the hydra standalone android app here


Its hydra compiled under ARM with a unique c++ overcast I added..

Just open the app and you got hydra ready at yours finger tips..

no rating Dennisch

Can I use this to recover my ICQ password which isn't on my computer.

no rating xDaegothx

I have used Cygwin to install Hydra 8 on my Windows 7 OS, however, when using the "./xhydra" command, I receive this error: "Gtk-WARNING **: cannot open display". Any advice?

no rating trix

Find this to be almost always quicker than ncrack.

★★★★★ Martin

I'm amazed of the many protocols supported, and its fast! a windows gui would be great though

Your comment

Along with your rating, you can use the comment form to post a review, tutorial, tips and tricks, or anything else others will find useful. If you develop this software (or work for the company), please don't rate it. You may leave a clarifying comment as long as you state your affiliation and don't specify a star rating (just leave it as “No rating”).

  (will not be shown, will not be spammed)
(At least 50 characters. No markup is allowed. URLs will be made into links.)
 What is the length of an IPv6 address, in bytes? (antispam)

Feed for updates.


[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]