List of resource exhaustion attack tools

This is a list of resource exhaustion attack tools.

HULK (HTTP Unbearable Load King)

HULK attempts to overload an HTTP server with high volumes of obfuscated and unique traffic.[1]

THC SSL DOS

THC-SSL-DOS initiates an SSL handshake and repeatedly requests a renegotiation of the encryption key.[2][3] This is particularly likely to cause resource exhaustion on platforms with a blocking /dev/random.

#RefRef

#RefRef uses carefully crafted regular expressions to exhaust server resources. To note an attack that was less than thirty seconds from #RefRef in 2011 was able to bring Pastebin offline for over thirty minutes.[4] It abuses MySQL's benchmark() function to evaluate an expression many times.[5]

Tor‘s Hammer

Tor's Hammer is an application layer DoS attack tool. It uses the POST fields and transmits the data at slow rates. Tor's Hammer makes connections over the Tor anonymity network in order to protect its user from detection.[6]

GoldenEye

GoldenEye is an application layer attack tool that exploits HTTP's Keep-Alive and NoCache header fields.[7][8]

References

  1. http://www.sectorix.com/2012/05/17/hulk-web-server-dos-tool/
  2. https://www.youtube.com/watch?v=Ex2xz0ZOKKs
  3. http://www.wired.com/2011/10/ssl-dos/
  4. https://security.radware.com/ddos-knowledge-center/ddospedia/refref/
  5. http://www.sectorix.com/2012/05/10/looking-into-refref-pl/
  6. https://security.radware.com/ddos-knowledge-center/ddospedia/tors-hammer/
  7. https://github.com/jseidl/GoldenEye
  8. https://github.com/jseidl/GoldenEye-Mobile
This article is issued from Wikipedia - version of the Saturday, May 07, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.