Hi All,

So I'm trying to use hydra to bruteforce a login on a system that uses custom http headers to receive the username and password. Hydra does not seem to be doing substitution of ^USER^ and ^PASS^ when used as HTTP headers. If I issue issuing a call to hydra like this:

hydra "http-post://0.0.0.0:8000/:H=username\:^USER^:H=password\:^PASS^" -l admin -p admin

I see the following r

I've tested on my own profile, and stefanofinding's profile, but nothing came up. I'm using the tags FindUserProfilesSlow, ShowUserProfilesSlow, FindUserProfilesSpecial on the web interface.
Selected "hackerone" on advanced options. No google API, no proxy, and default user-agent string.

I tested it beforehand with my github profile a

so if the password is correct it accepts it .... and if it's wrong it says the entered password is wrong .. and asks for the password again .. just like what the real sites do :)