.:[ packet storm ]:.
                             
beyond paranoid

 Section:  .. / distributed  /

Denial of Service tools are for use when testing your own machines only. Use of these tools on a test network is the only way to build a stable network enabled product that will not crash under the load of a distributed packet flood.


 ///  File Name: find_ddos_v42_linux.tar.Z
Description:
Find_ddos v4.2 (linux) - The NIPC has developed a tool to assist in combating ddos agents. The tool scans a local system that is either known or suspected to contain a DDOS program. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stacheldraht daemon and tfn-rush client. Solaris version also available.
Homepage:http://www.nipc.gov/warnings/advisories/2001/01-005.htm
File Size:367999
Last Modified:Jan 31 07:10:01 2002
MD5 Checksum:5af645362aa80a3fb6c1f1c3fab6e7a3

 ///  File Name: find_ddos_v31_linux.tar.Z
Description:
Find_ddos Version 3.1 (linux) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NIPC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stacheldraht daemon and tfn-rush client.
Homepage:http://www.fbi.gov/nipc/trinoo.htm
File Size:358839
Last Modified:Feb 7 21:53:55 2000
MD5 Checksum:e2687f1cfaa3cca954836fa8a1846eb8

 ///  File Name: tk.tgz
Description:
Torn Kit is a linux rootkit which has been optimized for linux/x86 mass installation. It is the first rootkit which uses precompiled binaries yet still allows a user defined password. This code is being widely used to automatically compromise hosts which have the wu.ftpd and rpc.statd vulnerabilities, and was mentioned in CERT's recent Incident Note IN-2000-10 advisory.
Author:Johnny7
File Size:343567
Last Modified:Sep 19 01:44:39 2000
MD5 Checksum:2332de2af78eca68542fa30fb2d37283

 ///  File Name: funtimeApocalypseWin.zip
Description:
Dynamic IP's getting you down in your search for a better distributed attack? Don't think remote control, think "timed fuse". This is "concept code" designed to show the real danger of Windows systems being rooted en masse and used in a distributed attack scenario. Beta, no updates.
Author:The Pull
File Size:295507
Last Modified:Jan 13 20:40:19 2000
MD5 Checksum:fa0b14af5de2225b1b833367357e24cc

 ///  File Name: d7-pH-orgasm.tgz
Description:
Orgasm v1.0 is a distributed reflection denial of service attack. More information available here.
Author:Phrail
Homepage:http://www.divisi0n7.org
File Size:194560
Last Modified:Jun 3 08:26:31 2002
MD5 Checksum:1c5a3f2ae8e4f73560831bd942abe4f0

 ///  File Name: stachelantigl.tar.gz
Description:
Stacheldraht v1.666 + antigl + yps distributed denial of service tool.
Author:Psychoid and Randomizer.
File Size:191096
Last Modified:Jan 26 08:49:38 2001
MD5 Checksum:7181039d0767fd4cf4cb3a77bea3c47f

 ///  File Name: UW-CSE-00-02-01.tgz
Description:
This paper describes a technique for tracing anonymous attacks in the Internet back to their source. This work is motivated by the increased frequency and sophistication of denial-of-service attacks and by the difficulty in tracing packets with incorrect, or "spoofed", source addresses. In this paper we describe a general purpose traceback mechanism based on probabilistic packet marking in the network. Our approach allows a victim to identify the network path(s) traversed by an attacker without requiring interactive operational support from Internet Service Providers (ISPs). Moreover, this traceback can be performed "post-mortem" -- after an attack has completed. We present one implementation of this technology that is incrementally deployable, (mostly) backwards compatible and can be efficiently implemented using conventional technology. In pdf and postscript format.
Author:Stefan Savage
Homepage:http://www.cs.washington.edu/homes/savage/
File Size:164581
Last Modified:Feb 11 20:04:48 2000
MD5 Checksum:efe5d0155497aada70fa6594c60433e0

 ///  File Name: stick.tgz
Description:
Stick is a distributed denial of service attack which targets IDS systems. It takes a snort rule file as input. Binary distribution.
Author:Coretez Giovanni
Homepage:http://www.eurocompton.net/stick
File Size:152159
Last Modified:Mar 20 22:49:49 2001
MD5 Checksum:453b280e24ece40bd1f9837bd2d12f9b

 ///  File Name: Mstream_Analysis.txt
Description:
Mstream, the newest of DDoS tools to be circulated, has been analyzed and has been found to be more primitive than any of the other DDoS tools available. Examination of reverse engineered and recovered C source code reveals the program to be in early development stages, with numerous bugs and an incomplete feature set compared with any of the other listed tools. The effectiveness of the stream/stream2 attack itself, however, means that it will still be disruptive to the victim (and agent) networks even with an attack network consisting of only a handful of agents.
Author:David Dittrich
File Size:98002
Last Modified:May 1 23:19:09 2000
MD5 Checksum:d99d36bb136ad1b329fab03870d478df

 ///  File Name: mstream.analysis.txt
Description:
Analysis of the "mstream" distributed denial of service attack tool, based on the source code of "stream2.c", a classic point-to-point DoS attack tool. mstream is more primitive than any of the other DDoS tools.
Author:Dave Dittrich
Homepage:http://www.washington.edu/People/dad/
File Size:97850
Last Modified:May 14 12:56:00 2000
MD5 Checksum:82dd67ecacb8ff5731279209d4b70342

 ///  File Name: dkbf-0.1.1b.tar.gz
Description:
Dkbf is a Distributed, Keyboard, Brute-Force program, written in C, for Linux clusters that attacks Windows NT Lanman and NT hashes using the Message Passing Interface (MPI) to distribute the program L0phtCrack by the L0pht.
Author:d4 b0rg
Homepage:http://dkbf.sourceforge.net
File Size:72735
Last Modified:Feb 12 04:10:11 2001
MD5 Checksum:aaedea360d47defffc39674d9a833889

 ///  File Name: scrutinizer-1.03.tar.gz
Description:
The scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.
Author:Markus Roth
Homepage:http://www.solutix.ch/scrutinizer
Changes:Bugfix release.
File Size:72126
Last Modified:Jan 11 02:42:35 2005
MD5 Checksum:fec85dffee76c0c834baef6f0198296a

 ///  File Name: dps-001.tgz
Description:
Distributed Port Scanner - The idea is that by having multiple systems from different classes of networks scan a host, detection of a portscan is more difficult by the target system. The user runs a central server which tells each client which port to scan next. Clients send the results to the server and are issued a new port to check.
Homepage:http://www.geocities.com/bechberger
File Size:71680
Last Modified:Dec 12 04:18:18 2000
MD5 Checksum:75ecc374eba684aa3ceecf33e449cf11

 ///  File Name: dsit_workshop.pdf
Description:
Results of the Distributed-Systems Intruder Tools Workshop (Nov 2-4, 1999). Several distributed intruder tools are in widespread use now, and the technology is maturing. As a result, a single command from an attacker can result in tens of thousands of concurrent attacks.
Author:Clarissa Cook, Richard Kemmerer, and David Dittrich
File Size:64532
Last Modified:Dec 9 22:21:08 1999
MD5 Checksum:b69cb60c78ff79ee69d4513e534245f9

 ///  File Name: trinoo.analysis.txt
Description:
The following is an analysis of the DoS Project's "trinoo" (a.k.a. "trin00") master/slave programs, which implement a distributed network denial of service tool. Trinoo daemons were originally found in binary form on a number of Solaris 2.x systems, and are probably being set up on hundreds, perhaps thousands, of systems on the Internet that are being compromised by remote buffer overrun exploitation.
Author:David Dittrich
File Size:55408
Last Modified:Aug 17 02:07:14 1999
MD5 Checksum:850306089225ee486a29ed60b7f5dd71

 ///  File Name: scrutinizer-1.02.tar.gz
Description:
The scrutinizer toolkit is designed to protect Web servers from HTTP (D)DoS attacks. It is a toolkit consisting of an analysis engine which analyzes Web server access logfiles in almost real time, an Apache module which is able to block wrongdoers on the Web server, an extension to block offenders with netfilter firewalls, and a set of visualization tools. The analysis engine uses statistical anomaly detection to expose offenders. The engine has to be trained with old log files so that it can adapt itself to your system.
Author:Markus Roth
Homepage:http://www.solutix.ch/scrutinizer
File Size:55121
Last Modified:Dec 31 23:32:46 2004
MD5 Checksum:d657105db587ae9a595b953ea44cad2c

 ///  File Name: find_ddos_v31_intel.tar.Z
Description:
Find_ddos Version 3.1 (solaris intel) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NIPC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stacheldraht daemon and tfn-rush client.
Homepage:http://www.fbi.gov/nipc/trinoo.htm
File Size:54470
Last Modified:Feb 7 21:53:59 2000
MD5 Checksum:48dccf4539bc56e7569868617f3393b6

 ///  File Name: find_ddos_v31_sparc.tar.Z
Description:
Find_ddos Version 3.1 (sparc) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NIPC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools including tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stacheldraht daemon and tfn-rush client.
Homepage:http://www.fbi.gov/nipc/trinoo.htm
File Size:53336
Last Modified:Feb 7 21:53:49 2000
MD5 Checksum:53ca1f544fdab923a56e0065bea60b54

 ///  File Name: find_ddos_v3_intel.tar.z
Description:
Find_ddos Version 3 (intel) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NIPC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools.
Homepage:http://www.fbi.gov/nipc/trinoo.htm
Changes:Detects tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stacheldraht daemon and tfn-rush client. This new version (find_ddosV3) is now available for Solaris on Sparc or Intel platforms and will no longer improperly identify itself or any previous version as a DDOS program.
File Size:50898
Last Modified:Jan 13 20:29:27 2000
MD5 Checksum:22d01a06fd182104f09252cc95accee7

 ///  File Name: find_ddos_v3_sparc.tar.z
Description:
Find_ddos Version 3 (sparc) - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NIPC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools.
Homepage:http://www.fbi.gov/nipc/trinoo.htm
Changes:Detects tfn2k client, tfn2k daemon, trinoo daemon, trinoo master, tfn daemon, tfn client, stacheldraht master, stacheldraht client, stacheldraht daemon and tfn-rush client. This new version (find_ddosV3) is now available for Solaris on Sparc or Intel platforms and will no longer improperly identify itself or any previous version as a DDOS program.
File Size:49436
Last Modified:Jan 13 20:25:21 2000
MD5 Checksum:0ca230338f56b5d8ee6b538be77abddc

 ///  File Name: shaft_analysis.txt
Description:
An analysis of the "Shaft" distributed denial of service tool. Shaftnode was recovered initially in November, 1999. Distinctive features are the ability to switch handler servers and handler ports on the fly, making detection by intrusion detection tools difficult from that perspective, a "ticket" mechanism to link transactions, and the particular interest in packet statistics, showing the "yield" of the DDoS network as a whole.
Author:Sven Dietrich, David Dittrich, and Neil Long
Homepage:http://sled.gsfc.nasa.gov/~spock/
File Size:45788
Last Modified:Mar 25 00:20:50 2000
MD5 Checksum:e3af444432b23dbc909e55320c0991b2

 ///  File Name: stacheldraht.analysis
Description:
The following is an analysis of "stacheldraht", a distributed denial of service attack tool, based on source code from the "Tribe Flood Network" distributed denial of service attack tool. Stacheldraht (German for "barbed wire") combines features of the "trinoo" distributed denial of service tool, with those of the original TFN, and adds encryption of communication between the attacker and stacheldraht masters and automated update of the agents.
Author:David Dittrich
Homepage:http://staff.washington.edu/dittrich
File Size:43953
Last Modified:Jan 4 09:25:38 2000
MD5 Checksum:40a973414685d1eee7d607575441ca3a

 ///  File Name: find_ddosV2.tar.Z
Description:
Find_ddos Version 2 - In response to a number of recent distributed denial-of-service (DDOS) attacks that have been reported, the NIPC has developed a tool to assist in combating this threat. The tool (called "find_ddos") is intended to scan a local system that is either known or suspected to contain a DDOS program. It is capable of scanning executing processes on Solaris 2.6 or later, and of scanning local files on a Solaris 2.x (or later) system. The tool will detect several known denial-of-service attack tools, including the trinoo daemon, trinoo master, enhanced tfn daemon, tfn daemon, tfn client, tfn2k daemon, tfn2k client, and the tfn-rush client.
Homepage:http://www.fbi.gov/nipc/trinoo.htm
Changes:Detects TFN2k.
File Size:43644
Last Modified:Jan 4 09:48:52 2000
MD5 Checksum:f6ec5a4d095195575468dda4adb088ed

 ///  File Name: kaiten.c
Description:
Kaiten.c is an IRC based DDoS client.
Author:contem.
File Size:39019
Last Modified:Dec 28 00:26:26 2001
MD5 Checksum:74fe3d86afcbf6c801d1cc3c4d6e357d

 ///  File Name: stachel.tgz
Description:
StacheldrahtV4 - (German for "barbed wire") combines features of the "trinoo" distributed denial of service tool, with those of the original TFN, and adds encryption of communication between the attacker and stacheldraht masters and automated update of the agents.
File Size:36831
Last Modified:Feb 8 23:25:28 2000
MD5 Checksum:110065233eb12ee3a1a5c88b985f865e