Since a couple of years we collect and track current and legacy ddos-frameworks and tools that are available on github. There has been an impressive development over the last 5 years, with these frameworks going beyond scriptkiddy-level and becoming feature-rich. Some of these frameworks beeing actively advertised and used amongst groups like killnet.
The only exception on the list beeing DDoSIA, a project by NoName057 which ist under active development, but with no public resources available, just reverse-engineering.
we also made a short capabilities-comparison to see what features are implemented.
VOL – Volumetric attacks
- DP – DirectPath (attacking an IP directely with traffic)
- AMP: amplification/reflection
Layer7 (Web)
- IoT – IoT-Bot (simple get/post – requests, no cookies or redirects)
- Proxies: can use proxies from a list
- Bypass – various protection-detection and bypass-methods
- Random: Random-Floods https://example.com/url/$RANDOM
- Custom: customized POST-vars/Cookies etc
- Soc: Socket-attacks (TCPHandshakes/TLSHandshakes)
- slow: slowloris/r-u-d-y et al
- MultiHead: attacking via headers (multi/long/null-values), various methods
Misc
- RandomDNS: DNS Layer 7 attack
- Hivemind: allows the framework to be connected together for a botnet-like operation
The direct link to the Repo-Collection can be found here: https://github.com/orgs/zerobs-loic/repositories, or just click on the button below.
current frameworks and tools
(under active maintainance / development)
- MHDDoS
- Karma DDoS
- HULK
- cc-Attack
- MrSIP
- DDoSIA (not public)
legacy frameworks and tools
(not mantained anymore/changed in the last 3 years)
- LOIC
- ufonet
- GoldenEye
- soup
- Raven-Storm
- pyloris/slowloris
- torDDoS
- ARDT
- rudy / r-u-dead-yet
Member discussion: