# Online - Attacking Services

## Theory

Online password attacks target publicly-exposed network services by submitting many passwords or passphrases with the hope of eventually guessing correctly.

## Practice

Depending on the target service, different tools can be used

* [Hydra](https://github.com/vanhauser-thc/thc-hydra) (C) can be used against **a lot (50+)** of services like FTP, [HTTP/HTTPs](https://red.infiltr8.io/web-pentesting/web-vulnerabilities/server-side/brute-force), IMAP, LDAP, MS-SQL, MYSQL, RDP, SMB, SSH and many many more.
* [NetExec](https://github.com/Pennyw0rth/NetExec) (Python) can be used against LDAP, WinRM, SMB, SSH and MS-SQL.
* [Kerbrute](https://github.com/ropnop/kerbrute) (Go) and [smartbrute](https://github.com/ShutdownRepo/smartbrute) (Python) can be used against [Kerberos pre-authentication](https://red.infiltr8.io/ad/movement/kerberos/pre-auth-bruteforce).

{% hint style="info" %}
For brute-force techniques against a specific protocol, you may have a look on the [following pages (Network Services)](https://red.infiltr8.io/network-pentesting/protocols) or [this page for HTTP/HTTPS](https://red.infiltr8.io/web-pentesting/web-vulnerabilities/server-side/brute-force).
{% endhint %}

We may use these tools with a [specifically generated wordlists](https://red.infiltr8.io/redteam/credentials/passwd/generate-wordlists), or using [common, default, weak or leaked passwords](https://red.infiltr8.io/redteam/credentials/passwd/default-weak-and-leaked-passwords).