Small and simple tool for testing Slow Loris vulnerability

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for maxkrivich from gravatar.com maxkrivich

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Maxim Krivich

Tags SlowLoris, ddos, slowloris, ddos, apache, ddos-attacks, denial-of-service, http, exploit, ddos-tool, hacker-scripts, hacking-tool, hacking, vulnerability, slow-requests, cybersecurity, cyber-security, information-security, security, server

Classifiers

Project description

Gitter chat License Python Build Status Coverage Status Requirements Status

This repository was created for testing Slow Loris vulnerability on different web servers. SL based on keeping alive open connection as long as possible and sending some trash headers to the server. If you are interested what I’m trying doing here, please join my team and let’s do fun together. Please DO NOT use this in the real attacks on the servers.

The main reason why I’m writing this module it is to create the easy tool for the fast check a small personal or corporate web server what based on Apache and etc. Also, last but not least reason is to improve my skills in this sphere.

More information you can find here.

Usage

Options

Description

-h, –help

Show help message

-u URL, –url

Link to the web server (http://google.com) - str

-p PORT, –port

Port what will be used - int

-s SOCKET_COUNT, –socket-count

Maximum count of created connection (default value 300) - int

 
$ slowloris [-h] [-u URL] [-p PORT] [-s SOCKET_COUNT]

stop execution: Ctrl + C

Install module

$ pip install pyslowloris

TODO list

  • [ ] add proxy, multiple headers(useragent and other).

  • [x] add logging

  • [ ] add ssl support

  • [ ] add file list attack

  • [ ] add docker image to docker hub

If you find bugs or have suggestions about improving the module, don’t hesitate to contact me.

License

Copyright (c) 2017 Maxim Krivich, https://maxkrivich.github.io/

Licensed under the MIT License

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for maxkrivich from gravatar.com maxkrivich

Unverified details

These details have not been verified by PyPI
Project links
GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

License: MIT License (MIT)

Author: Maxim Krivich

Tags SlowLoris, ddos, slowloris, ddos, apache, ddos-attacks, denial-of-service, http, exploit, ddos-tool, hacker-scripts, hacking-tool, hacking, vulnerability, slow-requests, cybersecurity, cyber-security, information-security, security, server

Classifiers

Release history Release notifications | RSS feed

2.0.2

2.0.1

0.1.30

This version

0.1.29

0.1.3

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

PySlowLoris-0.1.29.tar.gz (9.9 kB view hashes)

Uploaded Source

Built Distribution

PySlowLoris-0.1.29-py2.py3-none-any.whl (17.4 kB view hashes)

Uploaded Python 2 Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page