#dos #http #connection #slow #tool #multi-threaded #low-bandwidth

bin+lib loraxe

a multi-threaded, low-bandwidth layer-7 Slow HTTP DOS tool

1 unstable release

0.1.0 Apr 29, 2019

#11 in #slow

MIT license

79KB
253 lines

loraxe

Build Status codecov dependency status

loraxe is a low-bandwidth layer-7 HTTP DOS tool that handles connections in parallel. Written with 100% Safe Rust

🎁 Features

  • Fully Configurable CLI options via structopt
  • Colored logs, via pretty_env_logger (set RUST_LOG for more verbose logging)
  • Sockets are handled in parallel via rayon
  • Low-bandwidth usage
  • Built in DNS
  • SSL (Coming Soon)

🖧 DOS Modes

  • Slow HTTP (Slowloris): Holds connections open by slowly completing the http request after sending a complete header.
  • Slow POST: Sends a POST request with a content length of 1m and then sends random data at a rate of 1 byte / .
  • [WIP] Slow READ: Requests a file larger than a servers given send buffer (~65Kb - 124Kb) and then reads the result at a user defined rate.
  • UDP Flood mode: Sends a UDP packet to all ports on a given host. The host must respond with an error saying path not found. Which can cripple some machines

📦 Installation

The installation of lor-axe is easy if you have cargo installed.

Build from source:

git clone https://github.com/ajmwagar/lor-axe
cd lor-axe
cargo install --path .
loraxe --help

Use cargo:

cargo install loraxe

💯 Usage

# Start a Slowloris attack on 0.0.0.0:8080 with 200 concurrent connections
loraxe 0.0.0.0 -p 8080 -s 200

# Start a HTTP POST attack on 0.0.0.0:80 with 150 concurrent connections
loraxe 0.0.0.0 --post

# Start a Slow READ attack on 0.0.0.0:80 with 150 concurrent connections and a read buffer of 8 bytes
loraxe 0.0.0.0 --read -b 8

# Print a help menu
loraxe --help

Disclaimer

Any actions and or activities related to the code provided is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. The authors will not be held responsible in the event any criminal charges be brought against any individuals misusing the information in this tool to break the law.

Dependencies

~10–22MB
~344K SLoC