Top 15 DDoS Attack Tools [For Educational Purposes Only]

DDoS stands for Distributed Denial of Service. This is a cyber-attack. The attacker floods the victim's servers with unwanted traffic. They use different systems across the internet. This results in the victim's servers crashing. This directly affects the availability of services.  I am listing some tools which can be used for such types of attacks. These tools are also useful in the testing of network devices.

Top 15 DDoS Attack Tools

Note: Never use these tools against public websites without permission.

1. HULK

HULK is a Denial of Service (DoS) tool used to attack web servers by generating unique and obfuscated traffic volumes.

HULK's generated traffic also bypasses caching engines and hits the server's direct resource pool.
Download: https://github.com/grafov/hulk

Click Here to learn the top 5 Commands to Test DNS Zone Transfer in 2 minutes

2. LOIC

LOIC stands for Low Orbit Ion Cannon. It is one of the most popular DoS attack tools available for Windows, Mac, and Linux.

This tool was used by the hacker group Anonymous against many big companies. It requested users to participate in the IRC attack.

This tool generates traffic of UDP, HTTP, and TCP against the victim server. It is a UI-based tool, which makes it easy to use even for beginners.

You just need to enter the IP or URL. Select the attack type: HTTP, UDP, or TCP. Simply click “IMMA CHARGIN MAH LAZER” to initiate the attack. It will start attacking the victim server.

Download: https://sourceforge.net/projects/loic/

3. XOIC

XOIC is another DOS attack tool with an IP address, a user-selected port, and a user-selected protocol. It is a GUI-based tool that makes it easy to use for beginners. Developers of this tool claim that XOIC is more powerful than LOIC.

Three attack modes are possible. The first one is basic. The second is the normal DOS attack mode. The third one is a DOS attack mode that comes with a TCP/HTTP/UDP/ICMP Message.

Click here to Examples of Kali Linux Hydra Tool

4. DDOSIM—Layer 7 DDOS Simulator

DDOSIM is another tool for a DDOS attack. It is written in C++ and runs on Linux. It simulates several compromised hosts (spoof IP addresses) and creates full TCP connections to the victim server.

Its current functionalities include HTTP DDoS with valid requests and HTTP DDoS with invalid requests. It also supports SMTP DDoS. Additionally, it provides TCP connection flooding on the random port.

Download: https://sourceforge.net/projects/ddosim/

5. R-U-Dead-Yet

RUDY (R-U-Dead-Yet?) is a DoS tool used to execute slow-rate attacks (like Slowloris), which is implemented via long-form field submissions.

Slow rate, Layer-7 DDoS attacks, also called “low and slow” attacks, generate a slow rate and low volume of traffic. DDoS mitigation tools are difficult to detect. A tool sends continuous HTTP small packets to the victim server. These packets look legitimate. They keep using the resources over a period and eventually exhaust them.

Download: https://sourceforge.net/projects/r-u-dead-yet/

6. Tor’s Hammer

Tor's Hammer is a slow-rate HTTP POST (Layer 7) DoS tool. Tor's Hammer sends a classic slow POST attack. During this attack, HTML POST fields are transmitted at slow rates under the same session.

This attack is also difficult to identify. It uses a tool that sends continuous HTTP small packets to the victim server. These packets look legitimate and keep using the resources over time, eventually exhausting them.

Tor's Hammer is also able to spoof and generate traffic from random source IPs. This makes it difficult for DDoS mitigation tools to detect an attack.
Download: https://sourceforge.net/projects/torshammer/

Click Here to learn about SSH Protocol in 2 minutes

7. PyLoris

PyLoris is a scriptable tool for testing a server's vulnerability to connection exhaustion denial of service (DoS) attacks.

PyLoris can utilize SOCKS proxies and SSL connections and target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.

Features of Pyloris include Tkinter GUI, Scripting API, Anonymity, TOR Proxying, and SOCKS Proxying.

Download: https://sourceforge.net/projects/pyloris/

8. Slowloris

Slowloris is a tool used for DDoS attacks. It is different from other tools, as it sends legitimate HTTP traffic.

This tool will not flood the victim server. It just makes a full TCP connection and requires only a few hundred requests at long-term and regular intervals.

This tool tries to exhaust all connections, and in this way, hackers can down the victim's server.

Download: https://github.com/llaera/slowloris.pl

9. OWASP DOS HTTP POST

This tool is used to test your web applications' stability against HTTP Post, Slowloris, and SSL renegotiation attacks.

Download: https://github.com/proactiveRISK/ddos-toolbox

10. DAVOSET

DDoS attacks via other sites execution tool (DAVOSET) - it is a command-line tool. This tool conducts DDoS attacks on sites through Abuse of Functionality. It also exploits XML External Entities vulnerabilities at other sites.

Download: https://github.com/MustLive/DAVOSET

11. GoldenEye

GoldenEye is one of the popular HTTP Denial Of Service Tools. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options. These help to persist the socket connection and bust through caching when possible. This continues until it consumes all available sockets on the HTTP/S server.

Download: https://github.com/jseidl/GoldenEye

12. Hyenae

This tool allows you to reproduce several MITM, DoS, and DDoS attack scenarios. It comes with a clusterable remote daemon. There is also an interactive attack assistant included.

Hyenae’s Features include ARP-Request flooding, ARP-Cache poisoning, ICMP-Echo flooding, etc.
Download: https://sourceforge.net/projects/hyenae/

Click Here to learn Tools of Active Reconnaissance for Penetration Testing

13. Hping3

Hping3 is one of the best tools for DDoS attacks. It is used to send TCP/IP, UDP, ICMP, SYN/ACK packets, and display target replies like the ping program does with ICMP replies. This tool can be used for testing firewall rules. It is also effective for advanced port scanning. Additionally, you can test network performance using different protocols. You might also adjust packet size and TOS (the type of service) fragmentation, etc.

Download: http://www.hping.org/download.php

14. Apache Benchmark Tool

The ApacheBench tool (ab) is generally used to test a server load. It sends an arbitrary number of concurrent requests. However, it can also be used for DDoS attacks. Although ab was designed for testing Apache installations, it can be used to benchmark any HTTP server.

Download: https://github.com/aliostad/SuperBenchmarker

15. Thc-ssl-dos

The THC-SSL-DoS tool attacks the server by using the concept of SSL exhaustion. This concept involves renegotiating the keys repeatedly. This tool exhausts all SSL connections and down the victim’s server.

Download: https://github.com/azet/thc-tls-dos