Passwords are the among the most standard ways to protect and authenticate the security of a network or any other confidential information. Password cracking helps in the penetration testing so that we can find out the strength of a password. In this paper, we are going to discuss different types of password cracking tools with an emphasis on THC Hydra. We are also going to discuss different types of attacks that can be launched by password cracking tools. The paper specifically demonstrates the attack of THC Hydra on an FTP server and an SSH server that can be used in the teaching of a foundational cybersecurity course. We conclude the paper with a discussion on several actions that can be taken for end-user protection.