The zombie scapper is an automated perl tool for detecting and stopping distributed denial of service programs. The tool automatically searches and scans the desired target for programs by looking for the ports that are used by the zombie masters. It stops the zombie masters by sending a kill/stop trigger.
3aac75a0f3674fc2c159d06c02b9fcbf0b3f267f5461c229e51495b8838c264c
The scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.
fe8229e6e1ba3f1138f6fe88ad1f3fe367b3d0b464201a4e94efcfcf33a39440
The scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.
3b5c3fcb0185c82c422da19ec48bef0aa8aa70190c1c6004f02a7d7f8184948d
Webdevil is a tool used to create a distributed performance test against webservers by keeping connections alive until the server times them out. Slave daemon is included to assist in stress testing.
25e78e914b5eb91d497b9fe75d5d5c553156aa5477b01c8871545759d820db53
This is a proof-of-concept tool to demonstrate possible distributed attacking concepts, such as sending packets from one workstation and sniffing the reply packets on another.
d9c7ac5f2dae560efd2e8381a3c102663f7bd295b34cd3d688847fd5cb3845af
Small ICMP based backdoor and DDoS slave + master. In German and English.
650e68d37c407e05229b2b7179a5778c05c7cf7efc35ddd259732a9ed2f2d190
Pud is a peer-to-peer ddos client/server which does not rely on hubs or leafs to function properly. It can connect as many nodes together as you like, and if one node dies, the rest will always stay up).
9fd29bf12ea572080b4675c6dad7c694fa13ab7b629dad469dcf2acdad083443
DOSnet.c is a ddos script which runs from root and connects to an IRC network to take commands via ctcp.
810ec57269166a34419a04f48d96542b7b5390830ab053a935466d5db09e24b3
Orgasm v1.0 is a distributed reflection denial of service attack. More information available here.
d6dad5cb55226f0e8e534dbe17c2c41b0a68f7e8bc1f3cf035f779e1ea82e508
Drdos v2.0 is a tool for distributed reflection denial of service attacks.
456d80aab4b5ffa8109f6d73877742da6799b8a3e6ae666b0dd14e32b80c4cd7
Find_ddos v4.2 (linux) - The NIPC has developed a tool to assist in combating ddos agents. The tool scans a local system that is either known or suspected to contain a DDOS program. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stachelddraht demon and tfn-rush client. Solaris version also available.
63805d1dc1a201e9c5c99849a4f4092d618ba023fbae47f723f306c23a32ca93
DDoS IRC bots are becoming popular Distributed Denial Of Service attack method. They do not require unix clients to operate and are easy to use. Hypnosis
7b9f4c5a21a18d7a89bee7d7f37ea92e1dfdd7ef36abdfa0866b9af09d57d03e
Skydance v3.6 is a distributed denial of service tool for Windows. Uses the IP_HDRINCL option. Tested on Win98 and Win2k. Uses ICMP for communication.
a60ab7490d90ddc3b7b5a27d0532f12cbfc6684dbb168f89e17b31b688699739
Knight.c Knight is a distributed denial of service client that is very light weight and is very powerful. It goes on IRC and joins a channel, then accepts commands via IRC (to prevent from getting caught). It has features like, an automatic updater via http or ftp, a checksum generater, a syn flooder, a tcp flooder, a udp flooder, slice2, spoofing to subnets, and more. This program has been used to create DDoS nets of over 1000 clients.
21ad07db066936bcec2b7118ae378bf626ab22dd9dc92cc85a6f1b74dca8339e
ddos.sh is a tool which causes NT servers which are vulnerable to the unicode bug to pingflood a target host.
2d7e66d75fe888f77e399806ba501f39d1b3f355120879700ba3c3935bb0d818
Distributed DNS Flooder v0.1b - A powerful attack against DNS servers.
103df02808e448b0350bfd7fc00522a43bca6f8945d61ee79851f123f124dedd
Stick is a distributed denial of service attack which targets IDS systems. It takes a snort rule file as input. Binary distribution.
89ef57709270ee0e91c6187ac1f214db2ab67e8d4fa823aa1fe5020290150c79
The Stick DDOS tool is a resource starvation attack against IDS systems. Many IDS systems are affected.
fb3c089efbb1b77760eceff0d11ba3affad8b80eb75f0658ffc53976bb76031a
Ramenfind v0.4 is a local Ramen worm detection and removal tool. Final release unless problems are found.
320257e648f002eda11a46020e3a2f7c6a850a287966cd4d5c4b549e73b7ac8e
Ramenfind v0.3 is a local Ramen worm detection and removal tool. Final release unless problems are found.
3daa564079eb078a3001ddd85ac60d43fde930b5546611ad9cbc74cff71de82c
Stacheldraht v1.666 + antigl + yps distributed denial of service tool.
3968f24900971c19c5ef5de6a214e0dcd9b32eff57d3a4771c9bd01d8246d735
Ramen worm local detection tool. Still in beta.
2007b10e2daa210941ac3eb39c5d0a26bb0cd5d8a08d8e284cf209ff5a7b36eb
Ramen-Clean is a perl script which checks to see if your system is infected with the Ramen Linux Worm, and cleans it.
ec6151123ba6ffb27be8c53ad7721d5f82d64dbd9038c509816cf188450a54c3
Flitz is a DDOS tool which features spoofed ip/tcp/udp flood, flooding in parallel, distributed smurf attack and status report of the slave. With one stop command, you can stop all the slaves at once.
9346b94e8f0ca0ba742335190ffba0de3a9812e72964aefb7757767c7f553e0f
DDoSPing v2.0 is a Win 9x/NT GUI scanner for the DDoS agents Wintrinoo, Trinoo, Stacheldraht and TFN.
57e4cd81c86b8688f78c15c437701b1ad27ae8e1d7f7f442aaa71aca2ec3d421