> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Hydra Cheat Sheet

> Brute-force templates for common protocols ordered by port: FTP, SSH, HTTP, SMB, RDP, MySQL, and more.

## Brute-Force Templates

***

## 21. FTP

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt ftp://<IP>
```

Anonymous:

```bash theme={"dark"}
hydra -l anonymous -p anonymous ftp://<IP>
```

***

## 22. SSH

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt ssh://<IP>
```

Custom port:

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt ssh://<IP> -s 2222
```

***

## 25. SMTP

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt smtp://<IP>
```

***

## 80. HTTP (POST)

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt <IP> http-post-form "/login:username=^USER^&password=^PASS^:Invalid login"
```

## 80. HTTP (GET)

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt <IP> http-get-form "/login.php?user=^USER^&pass=^PASS^:Invalid"
```

## 80. HTTP Basic Auth

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt <IP> http-get /
```

***

## 110. POP3

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt pop3://<IP>
```

***

## 139 / 445. SMB

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt smb://<IP>
```

Domain:

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt smb://<IP> -m WORKGROUP
```

***

## 143. IMAP

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt imap://<IP>
```

***

## 443. HTTPS (POST)

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt <IP> https-post-form "/login:username=^USER^&password=^PASS^:Invalid login"
```

## 443. HTTPS (GET)

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt <IP> https-get-form "/login.php?user=^USER^&pass=^PASS^:Invalid"
```

***

## 3306. MySQL

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt mysql://<IP>
```

***

## 3389. RDP

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt rdp://<IP>
```

Domain:

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt rdp://<IP> -m DOMAIN
```

***

## 5432. PostgreSQL

```bash theme={"dark"}
hydra -L users.txt -P passwords.txt postgres://<IP>
```

***

## 5900. VNC

```bash theme={"dark"}
hydra -P passwords.txt vnc://<IP>
```

***

## 161. SNMP

```bash theme={"dark"}
hydra -P community.txt snmp://<IP>
```

***

## Parameters

| Parameter | Example          | Description                                                                                                                                                   |
| --------- | ---------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `-l`      | `-l admin`       | Attack only one user                                                                                                                                          |
| `-L`      | `-L users.txt`   | Multiple usernames                                                                                                                                            |
| `-p`      | `-p password123` | One password                                                                                                                                                  |
| `-P`      | `-P rockyou.txt` | Password wordlist                                                                                                                                             |
| `-C`      | `-C creds.txt`   | `username:password` combos                                                                                                                                    |
| `-u`      | `-u`             | Loop passwords first: try each password against all users before the next password (spray order). Default (no `-u`) finishes all passwords for one user first |
| `-e nsr`  | `-e nsr`         | Try null / same / reversed password                                                                                                                           |
| `-t`      | `-t 16`          | Parallel connections (speed)                                                                                                                                  |
| `-s`      | `-s 2222`        | Custom port                                                                                                                                                   |
| `-S`      | `-S`             | Use SSL/TLS                                                                                                                                                   |
| `-v`      | `-v`             | Show attempts                                                                                                                                                 |
| `-V`      | `-V`             | Show every credential tested                                                                                                                                  |
| `-f`      | `-f`             | Stop after first valid login                                                                                                                                  |
| `-o`      | `-o found.txt`   | Save results                                                                                                                                                  |
| `-R`      | `-R`             | Resume attack                                                                                                                                                 |
| `-I`      | `-I`             | Ignore restore file                                                                                                                                           |
| `-w`      | `-w 5`           | Server response timeout                                                                                                                                       |
| `-W`      | `-W 1`           | Delay between attempts (stealth)                                                                                                                              |
| `-M`      | `-M targets.txt` | Multiple targets                                                                                                                                              |
| `-m`      | `-m`             | Extra module options                                                                                                                                          |
| `-U`      | `hydra -U ssh`   | Show module help                                                                                                                                              |
