PyFlooder - A http flood python script that could stop a normal website in 10s

  •        687

A http flood python script that could stop a normal website in 10s



Related Projects

syncookied - syn flood protection

  •    Rust

syncookied emulates linux kernel syncookie functionality by intercepting SYN packets and sending replies to them using the same cookie generation alghorithm. It can achieve better performance under SYN flood attacks thanks to kernel bypass (netmap). Note: we use AVX-accelerated SHA1 function by default. SSE3 implementation is also available under sse3 feature flag, i.e.: cargo build --features=sse3 --no-default-features --release.


  •    Assembly

HeXHub is an IOCP-based file-sharing hub and web server with anti-flood protection, built-in firewall designed to filter DDoS, and to prevent most common forms of DoS currently used against hubs, anti-spam protection, content filtering and more.

synsanity - netfilter (iptables) target for high performance lockless SYN cookies for SYN flood mitigation

  •    C

synsanity is a netfilter (iptables) target for high performance lockless SYN cookies for SYN flood mitigation, as used in production at GitHub.synsanity allows Linux servers running 3.x kernels to handle SYN floods with minimal (or at least less) performance impact. With default Linux kernel 3.x settings, a very small SYN flood causes complete CPU exhaustion as the kernel spinlocks on the LISTEN socket and in conntrack. synsanity moves much of this work into a netfilter (iptables) target and bypasses locks for this attack scenario, allowing high throughput syncookie generation before the packets hit the TCP stack.



Floodmon is a small Perl daemon used to monitor a server in order to detect SYN flood attacks, to alert the administrator and to attempt to mitigate the attack up to a certain level.


  •    Python

Update: From comments throughout different communities, I've seen links to different articles describing the same issue as I do here. I understand this vulnerability that has existed for quite some time already (10y+), and by no means trying to take credit for them. Perhaps I used wrong search terms when looking for related articles, or just that they was located at page 42 on google. Either way, I still hope you enjoy the read and perhaps learn something useful. I've also seen a lot of people mistake this for a SYN flood attack. This attack relies on a full connection, not half open. So SYN cookies won't help you.

curiefense - Curiefense is a unified, open source platform protecting cloud native applications.

  •    TypeScript

Curiefense is a new application security platform, which protects sites, services, and APIs. It extends Envoy proxy to defend against a variety of threats, including SQL and command injection, cross site scripting (XSS), account takeovers (ATOs), application-layer DDoS, remote file inclusion (RFI), API abuse, and more. There are many ways to get involved with Curiefense.


  •    C

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. Hyenae will be continued here:

Alfandega Firewall

  •    Perl

Alfandega is a strong and Modular IpTables Firewall. It provides NAT, port-forwarding, spoofing list, blacklist of crackers and spywares sites, protection for tcp/udp scans, DOS/DDOS and Smurf attacks, TCP tuning, DHCP and PPP support and much more.



Send infinite requests to specified URL target; join with others to wage distributed denial of service attacks against the deserving and overly self-serving.


  •    C++

Panoptis plans to create a network security tool (N-IDS) to detect and block DoS and DDoS attacks. The programming language is C++, and the input is being provided by routers.

GoBot2 - Second Version of The GoBot Botnet, But more advanced.

  •    Go

After seeing another users Go based botnet i wanted to do more work on my GoBot, But i ended up building something a bit more. There is issues with this but it more of a advanced PoC.... I am not a good coder but i was able to make this buy doing some basic reading online. There was more i wanted to do with this project but i stopped, I am getting out of making Malware and virus's... I am going to move on to more legitimet things. Though i will be posting some of my old projects on my Github, and most of witch are malevolent i am putting them here to make it simpler for the 'good guys' to fight them and there kin. The C&C is a program, You can compile it for Windows, Linux, Mac systems. Its a self-running web-server that handles all connections on the selected port in the settings. it will serve the HTLM C&C to a connector if you allow it and it saves data about account, bots and commands as a SQL database and bots files (screenshots, keylogs, ect) as file under the bots own "Profile" You can control the botnet from the program(more secure) or control it from the HTML C&C. The C&C's program is extremely stable, Go based servers are know for handling millions or requests at once without fail, just make sure you have a good connection. The C&C has a build in hard-coded login (kinda like a Backdoor) you can use if you 'forgot' the account login. the C&C can have any number of accounts. With it being a self-contained program this removes the issue of SQLi attacks on the C&C so its more SECURE. The C&C can also run inside a Tor Hidden service if configured right and the client (bot) can connect to it using a or forwarder if needed. Tor can also be used by the bot via a SOCKS proxy... Simple to do, Google it.

f-stack - F-Stack is an user space network development kit with high performance based on DPDK, FreeBSD TCP/IP stack and coroutine API

  •    C

With the rapid development of Network Interface Cards the poor performance of data packet processing with the Linux kernel has become the bottleneck in modern network systems. Yet, the increasing demands of the Internet's growth demand a higher performant network processing solution. Kernel bypass has emerged to catch more and more attention. There are various similar technologies such as: DPDK, NETMAP and PF_RING. The main idea of kernel bypass is that Linux is only used to deal with control flow; all data streams are processed in user space. Therefore, kernel bypass can avoid performance bottlenecks caused by kernel packet copying, thread scheduling, system calls, and interrupts. Furthermore, kernel bypass can achieve higher performance with multi-optimizing methods. Within various techniques, DPDK has been widely used because of it's more thorough isolation from kernel scheduling and active community support. To deal with the increasingly severe DDoS attacks the authorized DNS server of Tencent Cloud DNSPod switched from Gigabit Ethernet to 10-Gigabit at the end of 2012. We faced several options: one is to continue to use the original network stack in the Linux kernel, another is to use kernel bypass techniques. After several rounds of investigation; we finally chose to develop our next generation of DNS server based on DPDK. The reason is DPDK provides ultra-high performance and can be seamlessly extended to 40G, or even 100G NIC, in the future.

zarp - Network Attack Tool

  •    Python

Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically or to the attacker directly. Various sniffers are included to automatically parse usernames and passwords from various protocols, as well as view HTTP traffic and more. DoS attacks are included to knock out various systems and applications. These tools open up the possibility for very complex attack scenarios on live networks quickly, cleanly, and quietly. The long-term goal of zarp is to become the master command center of a network; to provide a modular, well-defined framework that provides a powerful overview and in-depth analysis of an entire network. This will come to light with the future inclusion of a web application front-end, which acts as the television screen, whereas the CLI interface will be the remote. This will provide network topology reports, host relationships, and more. zarp aims to be your window into the potential exploitability of a network and its hosts, not an exploitation platform itself; it is the manipulation of relationships and trust felt within local intranets. Look for zeb, the web-app frontend to zarp, sometime in the future.

WebSploit Framework


WebSploit Framework

Packet Flood Generator

  •    C

Packet Flood Generator as the name stands is a projet to produce a threaded traffic generator program, it has support for generating IP, TCP , UDP, ICMP and IGMP packets, also has as feature to keep the connection up.

nofdp IDSS

  •    Java

The nofdp IDSS is an open source application for modeling flood control measures and 1D hydrodynamic flood simulation. Additional modules for ecological and spatial analysis, multicriteria evaluation and communication are included.

fluxion - Fluxion is a remake of linset by vk496 with less bugs and enhanced functionality.

  •    HTML

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues. If you need quick help, fluxion is also avaible on gitter. You can talk with us on Gitter or on Discord.

arxiv-sanity-preserver - Web interface for browsing, search and filtering recent arxiv submissions

  •    Python

This project is a web interface that attempts to tame the overwhelming flood of papers on Arxiv. It allows researchers to keep track of recent papers, search for papers, sort papers by similarity to any paper, see recent popular papers, to add papers to a personal library, and to get personalized recommendations of (new or old) Arxiv papers. This code is currently running live at, where it's serving 25,000+ Arxiv papers from Machine Learning (cs.[CV|AI|CL|LG|NE]/stat.ML) over the last ~3 years. With this code base you could replicate the website to any of your favorite subsets of Arxiv by simply changing the categories in Indexing code. Uses Arxiv API to download the most recent papers in any categories you like, and then downloads all papers, extracts all text, creates tfidf vectors based on the content of each paper. This code is therefore concerned with the backend scraping and computation: building up a database of arxiv papers, calculating content vectors, creating thumbnails, computing SVMs for people, etc.

xss-payload-list - 🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

  •    HTML

Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execute the script. Because it thinks the script came from a trusted source, the malicious script can access any cookies, session tokens, or other sensitive information retained by the browser and used with that site. These scripts can even rewrite the content of the HTML page. For more details on the different types of XSS flaws, see: Types of Cross-Site Scripting.

PHP Server Monitor

  •    PHP

A script that checks whether the servers are up and running

We have large collection of open source products. Follow the tags from Tag Cloud >>

Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.