[Tool Hack] Slowhttptest - Slow HTTP DoS vulnerability tool
Slowhttptest is a Slow HTTP DoS attacks rely on the fact that the HTTP protocol, by design, requires requests to be completely received by the server before they are processed.
output
GET / HTTP/1.1 Host: localhost:80 User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2)
This tool actively tests if it’s possible to acquire enough resources on an HTTP server by slowing down requests to get denial of service at the application layer. Reporting feature of Slowhttptest is great simple http output and more.
Download: http://code.google.com/p/slowhttptest/downloads/list
Supported features for Slowhttptest
- Slowing down either the header or the body section of the request
- Any HTTP verb can be used in the request
- Configurable Content-Length header
- Random size of follow-up chunks, limited by optional value
- Random header names and values
- Random message body data
- Configurable interval between follow-up data chunks
- Support for SSL
- Support for hosts names resolved to IPv6
- Verbosity levels in reporting
- Connection state change tracking
- Variable connection rate
How to use
./slowhttptest -c 1000 -B -g -o my_server_stats -i 110 -r 200 -s 8192 -t FAKEVERB -u https://toiphammaytinh/abc/index.html -x 10output
GET / HTTP/1.1 Host: localhost:80 User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2)
This tool actively tests if it’s possible to acquire enough resources on an HTTP server by slowing down requests to get denial of service at the application layer. Reporting feature of Slowhttptest is great simple http output and more.
Download: http://code.google.com/p/slowhttptest/downloads/list
Comments
Post a Comment
Để lại góp ý của bạn để blog của mình hoàn thiện hơn :))