zerobs-loic has 17 repositories available. Follow their code on GitHub.

Since a couple of years we collect and track current and legacy ddos-frameworks and tools that are available on github. There has been an impressive development over the last 5 years, with these frameworks going beyond scriptkiddy-level and becoming feature-rich. Some of these frameworks beeing actively advertised and used amongst groups like killnet.
The only exception on the list beeing DDoSIA, a project by NoName057 which ist under active development, but with no public resources available, just reverse-engineering.

we also made a short capabilities-comparison to see what features are implemented.

ddos-framework capabilities

VOL – Volumetric attacks

  • DP – DirectPath (attacking an IP directely with traffic)
  • AMP: amplification/reflection

Layer7 (Web)

  • IoT – IoT-Bot (simple get/post – requests, no cookies or redirects)
  • Proxies: can use proxies from a list
  • Bypass – various protection-detection and bypass-methods
  • Random: Random-Floods$RANDOM
  • Custom: customized POST-vars/Cookies etc
  • Soc: Socket-attacks (TCPHandshakes/TLSHandshakes)
  • slow: slowloris/r-u-d-y et al
  • MultiHead: attacking via headers (multi/long/null-values), various methods


  • RandomDNS: DNS Layer 7 attack
  • Hivemind: allows the framework to be connected together for a botnet-like operation

The direct link to the Repo-Collection can be found here:, or just click on the button below.

zerobs-loic has 17 repositories available. Follow their code on GitHub.

current frameworks and tools

(under active maintainance / development)

  • MHDDoS
  • Karma DDoS
  • HULK
  • cc-Attack
  • MrSIP
  • DDoSIA (not public)

legacy frameworks and tools

(not mantained anymore/changed in the last 3 years)

  • LOIC
  • ufonet
  • GoldenEye
  • soup
  • Raven-Storm
  • pyloris/slowloris
  • torDDoS
  • ARDT
  • rudy / r-u-dead-yet