Small and simple tool for testing Slow Loris vulnerability
Project description
This repository was created for testing Slow Loris vulnerability on different web servers. SL based on keeping alive open connection as long as possible and sending some trash headers to the server. If you are interested what I’m trying doing here, please join my team and let’s do fun together. Please DO NOT use this in the real attacks on the servers.
The main reason why I’m writing this module it is to create the easy tool for the fast check a small personal or corporate web server what based on Apache and etc. Also, last but not least reason is to improve my skills in this sphere.
More information you can find here.
Usage
Options |
Description |
---|---|
-h, –help |
Show help message |
-u URL, –url |
Link to the web server (http://google.com) - str |
-p PORT, –port |
Port what will be used - int |
-s SOCKET_COUNT, –socket-count |
Maximum count of created connection (default value 300) - int |
$ slowloris [-h] [-u URL] [-p PORT] [-s SOCKET_COUNT]
stop execution: Ctrl + C
Install module
$ pip install pyslowloris
TODO list
[ ] add proxy, multiple headers(useragent and other).
[x] add logging
[ ] add ssl support
[ ] add file list attack
[ ] add docker image to docker hub
If you find bugs or have suggestions about improving the module, don’t hesitate to contact me.
License
Copyright (c) 2017 Maxim Krivich, https://maxkrivich.github.io/
Licensed under the MIT License
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for PySlowLoris-0.1.29-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8d68eba5436dc14cf1ac7c3ffa7c95c39745e78eee7f44395d2181f7ed0ee6f8 |
|
MD5 | 530e3d6269c747ecb626ab57100228ca |
|
BLAKE2b-256 | 0ca003bea425d72db4ae0b8c226876d04b0b71743a0fdeaf831b56f551b6feac |