Adblock Detected

Read

[RESEARCH] Banks In Hong Kong Running With What Services

Read

LOIC 1.0.8 (Low Orbit Ion Cannon) - A network stress testing application

Read

Zarp - Local Network Attack Framework

Read

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically or to the attacker directly. Various sniffers are included to automatically parse usernames and passwords from various protocols, as well as view HTTP traffic and more. DoS attacks are included to knock out various systems and applications. These tools open up the possibility for very complex attack scenarios on live networks quickly, cleanly, and quietly.

The long-term goal of zarp is to become the master command center of a network; to provide a modular, well-defined framework that provides a powerful overview and in-depth analysis of an entire network. This will come to light with the future inclusion of a web application front-end, which acts as the television screen, whereas the CLI interface will be the remote. This will provide network topology reports, host relationships, and more. zarp aims to be your window into the potential exploitability of a network and its hosts, not an exploitation platform itself; it is the manipulation of relationships and trust felt within local intranets. Look for zeb, the web-app frontend to zarp, sometime in the future.

Tool Overview

Broad categories are (see wiki for more information on these):

Poisoners
Denial of Service
Sniffers
Scanners
Services
Parameter
Attacks

List of modules accessible from the command line:

bryan@debdev:~/tools/zarp$ sudo ./zarp.py --help
[!] Loaded 34 modules.
     ____   __   ____  ____
    (__  ) / _\ (  _ \(  _ '
     / _/ /    \ )   / ) __/
    (____)\_/\_/(__\_)(__)  [Version: 0.1.5]

usage: zarp.py [-h] [-q FILTER] [--update] [--wap] [--ftp] [--http] [--smb]
               [--ssh] [--telnet] [-w] [-s] [--service-scan]

optional arguments:
  -h, --help      show this help message and exit
  -q FILTER       Generic network sniff
  --update        Update Zarp

Services:
  --wap           Wireless access point
  --ftp           FTP server
  --http          HTTP Server
  --smb           SMB Service
  --ssh           SSH Server
  --telnet        Telnet server

Scanners:
  -w              Wireless AP Scan
  -s              Network scanner
  --service-scan  Service scanner
bryan@debdev:~/tools/zarp$

Download Zarp

HULK - Web Server DoS Tool

Read

[GoldenEye v2.1] DoS Tool

Read

GoldenEye is a HTTP/S Layer 7 Denial-of-Service Testing Tool. It uses KeepAlive (and Connection: keep-alive) paired with Cache-Control options to persist socket connection busting through caching (when possible) until it consumes all available sockets on the HTTP/S server.

Changelog v2.1

2014-02-20 Added randomly created user agents (still RFC compliant).
2014-02-19 Removed silly referers and user agents. Improved randomness of referers. Added external user-agent list support.

Usage

USAGE: ./goldeneye.py  [OPTIONS]

OPTIONS:
 Flag Description Default
 -u, --useragents File with user-agents to use (default: randomly generated)
 -w, --workers Number of concurrent workers (default: 50)
 -s, --sockets Number of concurrent sockets (default: 30)
 -m, --method HTTP Method to use 'get' or 'post' or 'random' (default: get)
 -d, --debug Enable Debug Mode [more verbose output] (default: False)
 -h, --help Shows this help

Download GoldenEye v2.1

[GoldenEye v2.0] DoS Tool

Read

Usage

USAGE: ./goldeneye.py  [OPTIONS]

 OPTIONS:
     Flag           Description                     Default
     -t, --threads      Number of concurrent threads                (default: 500)
     -m, --method       HTTP Method to use 'get' or 'post'  or 'random'         (default: get)
     -d, --debug        Enable Debug Mode [more verbose output]         (default: False)
     -h, --help     Shows this help

Changelog v2.0

2013-03-26 Changed from threading to multiprocessing. Threading is bad because its subject to GIL.
2012-12-09 Initial release

Download GoldenEye v2.0

[(D)DoS Deflate] Script designed to block a denial of service attack

Read

(D)DoS Deflate is a lightweight bash shell script designed to assist in the process of blocking a denial of service attack. It utilizes the command below to create a list of IP addresses connected to the server, along with their total number of connections. It is one of the simplest and easiest to install solutions at the software level.

netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

IP addresses with over a pre-configured number of connections are automatically blocked in the server's firewall, which can be direct iptables or Advanced Policy Firewall (APF). (We highly recommend that you use APF on your server in general, but deflate will work without it.)

Notable Features

It is possible to whitelist IP addresses, via /usr/local/ddos/ignore.ip.list.
Simple configuration file: /usr/local/ddos/ddos.conf
IP addresses are automatically unblocked after a preconfigured time limit (default: 600 seconds)
The script can run at a chosen frequency via the configuration file (default: 1 minute)
You can receive email alerts when IP addresses are blocked.

Download (D)DoS Deflate

[Zarp v0.1.2] The Python Network Attack Tool

Read