Skip to main content

Gzip Bomb responses for Flask

Project description

Gzip Bomb responses for Flask.

This package provides an extension to flask.Response class, GzipBombResponse, which can be used as a defensive measure for various vuln scans, dictionary attacks etc. It creates a response containing a gzipped data block filled with null characters with varying number of rounds (to achieve minimal size of response’s content).


>>> from flask import Flask
>>> from flask_gzipbomb import GzipBombResponse
>>> app = Flask(__name__)
>>> @app.route('/tiny-bomb')
... def gzipped():
...     return GzipBombResponse(size='1M')
>>> import gzip
>>> import requests
>>> r = requests.get('http://localhost:5000/tiny-bomb')
>>> r.headers['content-encoding']
>>> len(r.content) # gzipped content length in bytes
>>> data = gzip.decompress(r.content)
>>> data = gzip.decompress(data)
>>> len(data) # decompressed content length in bytes

GzipBombResponse accepts all arguments accepted by Response class with additional size parameter, describing response content length in bytes after decompression. Possible values:

‘1k’, ‘10k’, ‘100k’, ‘1M’, ‘10M’, ‘100M’, ‘1G’, ‘10G’

with k, M and G denoting kilobyte, megabyte and gigabyte. Any other value will result raise a KeyError. By default size is set to ‘10M’, however it is recommended to use ‘10G’ for achieving desired effect.

This package is for protection and educational purposes only. Using it for any malicious purpose is strictly prohibited.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

Flask-GzipBomb-0.1.0.tar.gz (6.7 kB view hashes)

Uploaded Source

Built Distribution

Flask_GzipBomb-0.1.0-py2.py3-none-any.whl (9.3 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page