thc-hydra
hydra (by vanhauser-thc)
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL. (by projectdiscovery)
thc-hydra | nuclei | |
---|---|---|
18 | 17 | |
9,157 | 17,611 | |
- | 2.1% | |
5.0 | 9.8 | |
27 days ago | 4 days ago | |
C | Go | |
GNU Affero General Public License v3.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
thc-hydra
Posts with mentions or reviews of thc-hydra.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-09-19.
-
Show HN: Hydra - Open-Source Columnar Postgres
Nice tool, only unfortunate name, consider changing it. Already very well know security tool named hydra https://github.com/vanhauser-thc/thc-hydra been around since 2001. Then facebook went ahead and named their config tool hydra https://github.com/facebookresearch/hydra on top of it. Like we get it, hydra popular mythology but we could use more original naming for tools
- Help with a brute force tool
-
What's everyone working on this week (26/2023)?
I just started learning Rust, but I will begin building a brute-force tool. Hydra is great but lacks updates, IMHO. I started using Golang, but it sucks (I love the Go language, but it sucks for this type of task).
-
The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research)
Hydra
- Unable to complete libssh2 handshake
-
Password Attacks - Network Services
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2023-01-28 16:31:17 [WARNING] the rdp module is experimental. Please test, report - and if possible, fix. [WARNING] Restorefile (ignored ...) from a previous session found, to prevent overwriting, ./hydra.restore [DATA] max 3 tasks per 1 server, overall 3 tasks, 21112 login tries (l:104/p:203), ~7038 tries per task [DATA] attacking rdp://10.129.202.136:3389/ [STATUS] 166.00 tries/min, 166 tries in 00:01h, 20946 to do in 02:07h, 3 active [STATUS] 121.67 tries/min, 365 tries in 00:03h, 20747 to do in 02:51h, 3 active [3389][rdp] account on 10.129.202.136 might be valid but account not active for remote desktop: login: password: , continuing attacking the account. [STATUS] 86.29 tries/min, 604 tries in 00:07h, 20509 to do in 03:58h, 2 active [ERROR] all children were disabled due too many connection errors 0 of 1 target completed, 0 valid password found [INFO] Writing restore file because 2 server scans could not be completed [ERROR] 1 target was disabled because of too many errors [ERROR] 1 targets did not complete Hydra (https://github.com/vanhauser-thc/thc-hydra) finished at 2023-01-28 16:38:23
- Could use some help
- Github hydra scripts
-
THC-Hydra in Rust FOSS Project
I am searching for people interested in coding an alternative to the thc-hydra project, with additional features (implementing the Shodan api to make it automated, etc...)
-
THM HackPark
Hydra (https://github.com/vanhauser-thc/thc-hydra) starting at 2022-10-22 13:09:13
nuclei
Posts with mentions or reviews of nuclei.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-05-22.
-
The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research)
Nuclei
- Show HN: Oneleet β Penetration Testing for SoC 2 and beyond
-
Looking for short-term, resource intensive tasks to throw at a cloud server
If you own any web properties, you can use https://github.com/projectdiscovery/nuclei running in a beefy VM to scan them for vulnerabilities. It will scale to use all available resources if you give it a big box.
-
Pentesting Tools I Use Everyday
Learn more about nuclei here: https://nuclei.projectdiscovery.io/
-
How I found 130+ Sub-domain Takeover vulnerabilities using Nuclei
Read about how I was able to find 136 Sub-domain Takeover vulnerabilities on a Single Target using the Nuclei tool πππClick Here - How I found 130+ Sub-domain Takeover vulnerabilities using Nuclei
-
How to develope a Network Vuln Scanner
Iβd look at flan and nmap and nuclei for inspiration.
-
Thoughts on Vuln scanning public facing websites/hosts during an incident?
Had an idea to leverage the community vuln scanner Nuclei (https://nuclei.projectdiscovery.io/) to just run a quick scan against the public facing hostname/IP. The job isn't supposed to be "hey you're vulnerable to xyz, but to aid in the discovering initial access. I believe this would be considered "good faith" and you're not technically be doing anything nefarious, but wanted to get the communities thoughts on this.
- Nuclei β Community Powered Vulnerability Scanner
-
Log4J Network Scanning/Detection on a 100k+ Node Network
Check out Nuclei (https://github.com/projectdiscovery/nuclei)
What are some alternatives?
When comparing thc-hydra and nuclei you can also consider the following projects:
naive-hashcat - Crack password hashes without the fuss :cat2:
jaeles - The Swiss Army knife for automated Web Application Testing
Metasploit - Metasploit Framework
ZAP - The ZAP core project
SQLMap - Automatic SQL injection and database takeover tool
elpscrk - An Intelligent wordlist generator based on user profiling, permutations, and statistics. (Named after the same tool in Mr.Robot series S01E01)
ffuf - Fast web fuzzer written in Go
mimikatz - A little tool to play with Windows security
RustScan - π€ The Modern Port Scanner π€
PSKracker - An all-in-one WPA/WPS toolkit
osmedeus - A Workflow Engine for Offensive Security