Project URL: https://docs.google.com/presentation/d/11K2AU1XydB-TlCG8_fuKYivYQKZchR5hoogTozgYGjo/edit?usp=sharing

For a recent project on TryHackMe, I successfully completed a task involving the deployment and penetration testing of a machine provided by the platform. After deploying the machine and allowing a brief booting period, I accessed the machine via its designated IP address using various methods, including SSH and a web form. Utilizing the powerful tool Hydra, I executed targeted brute force attacks on both SSH and web form login interfaces. For SSH, I formulated and executed Hydra commands tailored to the protocol, specifying the username, password list, and number of threads to optimize efficiency. Similarly, for the web form, I meticulously crafted Hydra commands, accounting for the specific POST method, login page URL, username and password fields, and identifying strings for successful and failed login attempts. This hands-on exercise not only sharpened my understanding of brute force attacks but also enhanced my proficiency in leveraging tools like Hydra to uncover vulnerabilities and strengthen security measures.