DDoS stands for Distributed Denial of Service. This is a cyber attack in which attacker floods the victim’s servers with unwanted traffic by using different system across the internet which may result in the crashing of the victim’s servers. This directly affects the availability of services. I am listing some tools which can be used for such types of attack. These tools are also useful in testing of network devices.
Note: Never use these tools against public websites without permission.
HULK is a Denial of Service (DoS) tool used to attack web server by generating volumes of unique and obfuscated traffic.
HULK’s generated traffic also bypasses caching engines and hits the server’s direct resource pool.
LOIC stands for Low Orbit Ion Canon. It is one of the most popular DoS attack tools available for Windows, Mac, and Linux.
This tool used by Hacker group Anonymous against many big companies and also requested users to participate in attack via IRC.
This tool generates traffic of UDP, HTTP, and TCP against victim server. It is UI based tool, which makes easy to use even for beginners.
You just need to enter IP or URL and select attack type: HTTP, UDP or TCP, simply click “IMMA CHARGIN MAH LAZER” and it will start attacking the victim server.
XOIC is another DOS attack tool with IP address, a user-selected port, and a user-selected protocol. It is a GUI based tool which makes easy to use for beginners. Developers of this tool claim that XOIC is more powerful than LOIC.
Three attacks mode are possible. The first one is basic. The second is the normal DOS attack mode. The third one is a DOS attack mode that comes with a TCP/HTTP/UDP/ICMP Message.
4. DDOSIM—Layer 7 DDOS Simulator
DDOSIM is another tool for a DDOS attack. It is written in C++ and runs on Linux. It simulates several compromised hosts (spoof IP addresses) and creates full TCP connections to the victim server.
Its current functionalities include HTTP DDoS with valid requests, HTTP DDoS with invalid requests, SMTP DDoS and TCP connection flood on the random port.
RUDY (R-U-Dead-Yet?) is a DoS tool used to execute slow-rate attacks (like Slowloris), which is implemented via long form field submissions.
Slow rate, Layer-7 DDoS attacks, also called “low and slow” attacks, because it generates a slow rate and low volume of traffic. It is difficult to detect by DDoS mitigation tools as tool sends continuous HTTP small packets to victim server which looks legitimate, keep using the resources over a period and exhaust it.
6. Tor’s Hammer
Tor’s Hammer is a slow-rate HTTP POST (Layer 7) DoS tool. Tor’s Hammer sends a classic slow POST attack, where HTML POST fields are transmitted at slow rates under the same session.
This attack also difficult to identify as tool sends continuous HTTP small packets to victim server which looks legitimate, keep using the resources over a period and exhaust it.
Tor’s Hammer is also able to spoof and generate traffic from random source IP. This makes it difficult for DDoS mitigation tool to detect an attack.
PyLoris is a scriptable tool for testing a server’s vulnerability to connection exhaustion denial of service (DoS) attacks.
PyLoris can utilize SOCKS proxies and SSL connections and can target protocols such as HTTP, FTP, SMTP, IMAP, and Telnet.
Features of Pyloris include Tkinter GUI, Scripting API, Anonymity, TOR Proxying, and SOCKS Proxying.
Slowloris is a tool used for DDoS attack. It is different from other tools, as it sends legitimate HTTP traffic.
This tool will not flood the victim server, it just makes full TCP connection and then requires only a few hundred requests at long-term and regular intervals.
This tool tries to exhaust all connection and in this way, hackers are able to down the victim’s server.
9. OWASP DOS HTTP POST
This tool is used to test the stability of your web applications against HTTP Post, Slowloris, and SSL renegotiation attacks.
DDoS attacks via other sites execution tool (DAVOSET) – it is the command line tool for conducting DDoS attacks on the sites via Abuse of Functionality and XML External Entities vulnerabilities at other sites.
GoldenEye is one of the popular HTTP Denial Of Service Tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.
This tool allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant.
Hyenae’s Features include ARP-Request flooding, ARP-Cache poisoning, ICMP-Echo flooding etc.
Hping3 is one of the best tools for the DDoS attack. It is used to send TCP/IP, UDP, ICMP, SYN/ACK packets and to display target replies like ping program does with ICMP replies. This tool can be used for Test firewall rules, Advanced port scanning, Test net performance using different protocols, packet size, TOS (the type of service) and fragmentation etc.
14. Apache BenchMark Tool
The ApacheBench tool (ab) is generally used to test a load of servers by sending an arbitrary number of concurrent requests but it can also use for DDoS attack. Although ab was designed for testing Apache installations, it can be used to benchmark any HTTP server.
The THC-SSL-DoS tool attacks the server by using the concept of SSL exhaustion, in which it renegotiates the keys again and again. This tool exhaust all SSL connection and down the victim’s server.
Subscribe us to receive more such articles updates in your email.
If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!
Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.