SlowHTTPTest - Application Layer DoS Attack Simulator
SlowHTTPTest is a highly configurable tool that can simulate application layer denial of service attacks by prolonging HTTP connections in different ways.
It can simulate Slowloris, Slow HTTP POST, Slow Read attack, and the Apache Range Header attack.
Slowloris and Slow HTTP POST attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed. If an HTTP request is not complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data. If the server keeps too many resources busy, this creates a denial of service. This tool is sending partial HTTP requests, trying to get denial of service from target HTTP server.
Slow Read attack aims the same resources as slowloris and slow POST, but instead of prolonging the request, it sends legitimate HTTP request and reads the response slowly.
Apache Range Header attack relay on a vulnerability in the Apache HTTPD server (prior to version 2.2.20). With a modest number of requests, the attack can cause very significant memory and CPU usage on the server.
SlowHTTPTest works on a majority of Linux platforms, OS X and Cygwin.
You might also like:
- 150+ Proxy Sites To Unblock Blocked Websites
- 10 Best Free GPS Spoofer Apps For Android
- Beginner's Guide To The Deep Web and The Dark Web
- How To Change (spoof) MAC Address on Android (3 Methods)
- WIBR (WiFi BruteForce) - Android App For Hackers
- 31 Best Sites To Receive SMS Online Without a Phone
- 11 Best Registry Hacks For Windows 7
- Router Brute Force - Android app For Hackers
- Hash Droid - A Tool To Calculate and Compare Hashes
- Browser Password Decryptor - Tool For Recovering Website Login Details Stored By Popular Web Browsers
- Browser Password Remover - Tool For Removing All Login Details From Popular Browsers
- BSNL Password Decryptor - Tool For Recovering BSNL Modem/Router Password
- Chrome Password Decryptor - Free Tool To Recover Stored Passwords From Google Chrome
- Chrome Password Remover - Tool To Quickly Remove Stored Login Info From Google Chrome
- Cisco Password Decryptor - Free Tool For Recovering Cisco Type 7 Router Password
- SSLsplit - Tool For Man-In-The-Middle Attacks Against SSL/TLS Encrypted Network Connections
- Algorithm - The Hacker Movie
- TXDNS - An Aggressive Multithreaded DNS Digger/Brute-Forcer
- PwnPi - A Pen-testing Drop Box Distribution For Raspberry Pi
Post a Comment