/overload

πŸ“‘ Overload DDOS Tool (Layer 7)

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

πŸ“‘ DoS Tool

πŸ’» Preview

Installation

Windows


Download Python 3.10 here, open the installer and click on add python to PATH. Next, download overload here and open CMD or PowerShell in its directory. Now you need to create a Virtual Enviroment for the application; if you have make utility on your system just execute:

make setup
make run

If you don't have it, then execute:

curl -sSL https://install.python-poetry.org | python3
poetry install --without dev
poetry run python3 overload.py


Linux


sudo apt update
sudo apt install python3 python3-pip git -y
git clone https://github.com/7zx/overload
cd overload/

make setup
make run


Termux


pkg update
pkg install python3 python3-pip git -y

git clone https://github.com/7zx/overload
cd overload/

pip install -r requirements.txt
python3 overload.py


Avaliable Attacks


HTTP: This attack consists of exhausting the victim by sending a huge amount of HTTP GET requests, eventually taking it down and preventing others to access its resources.

β”œβ”€β”€β”€ DOS TOOL
β”œβ”€β”€β”€ AVAILABLE METHODS
β”œβ”€β”€β”€ LAYER 7: HTTP | HTTP-PROXY | SLOWLORIS | SLOWLORIS-PROXY
β”œβ”€β”€β”€β”
β”‚   β”œβ”€β”€β”€METHOD: HTTP
β”‚   β”œβ”€β”€β”€TIME: 600
β”‚   β”œβ”€β”€β”€THREADS: 800
β”‚   └───URL: https://github.com/7zx/overload

Slowloris: Just like an HTTP attack, Slowloris also aims to block other users from accessing a certain resource, but it does that by connecting virtual hosts with a slow connection to the victim. The victim will eventually have a lot of slow connections open and will block new users from accessing its resources.

...
β”œβ”€β”€β”€β”
β”‚   β”œβ”€β”€β”€METHOD: SLOWLORIS
β”‚   β”œβ”€β”€β”€TIME: 300
β”‚   β”œβ”€β”€β”€THREADS: 200
β”‚   β”œβ”€β”€β”€SLEEP TIME: 15
β”‚   └───URL: https://github.com/7zx/overload

Both HTTP and Slowloris attacks have a proxy version. If you choose to use proxy, then the threads will initialize and connect to elite-anonymity public proxies, and if not, your IP will be used on the requests. We do not own the proxy servers and do not respond for anything that they may do (like leaking your actual IP); they are hosted by volunteers and their addresses are retrieved through the Proxy Scrape API.


POSIX attacks only

To perform the following attacks you'll need a machine running a POSIX system, like Ubuntu.

SYN-Flood: This attack relies on how the Tansmission Control Protocol (TCP) connections are designed. It takes advantage of the TCP 3-Way Handshake (SYN, SYN-ACK and ACK) by sending a lot of packets with the SYN flag, but never responding to the SYN-ACK packets sent by the victim, which makes it to wait forever with an open connection. If the victim somehow does not close the connection opened by the SYN packets, then it'll eventually block new connections.

...
β”œβ”€β”€β”€ LAYER 4: SYN-FLOOD
β”œβ”€β”€β”€β”
β”‚   β”œβ”€β”€β”€METHOD: SYN-FLOOD
β”‚   β”œβ”€β”€β”€TIME: 40
β”‚   β”œβ”€β”€β”€THREADS: 10
β”‚   └───URL: 192.168.0.1

ARP-Spoof: This attack works on layer 2 of the OSI model, specifically on the Address Resolution Protocol (ARP). It consists of sending an adulterated packet to the victim saying that we are the gateway of the local network, so the victim must send all its packets to our machine. We also tell the gateway that we are the victim; that way we become the man in the middle of the connection and can inspect all of the victims' packets with an analyzer.

...
β”œβ”€β”€β”€ LAYER 2: ARP-SPOOF | DISCONNECT
β”œβ”€β”€β”€β”
β”‚   β”œβ”€β”€β”€ METHOD: ARP-SPOOF
β”‚   β”‚
β”‚   β”œβ”€β”€β”€ [!] Scanning Local Network...
β”‚   β”‚
β”‚   β”œβ”€β”€β”€ Avaliable Hosts:
β”‚   β”‚
β”‚   β”‚     192.168.0.102
β”‚   β”‚     192.168.0.105
β”‚   β”‚
β”‚   β”œβ”€β”€β”€ IP: 192.168.0.102
β”‚   β”œβ”€β”€β”€ TIME: 100

Disconnect: It blocks the victim from accessing the internet on the local network during the time the attack is happening.

...
β”œβ”€β”€β”€ LAYER 2: ARP-SPOOF | DISCONNECT
β”œβ”€β”€β”€β”
β”‚   β”œβ”€β”€β”€ METHOD: DISCONNECT
β”‚   β”‚
β”‚   β”œβ”€β”€β”€ [!] Scanning Local Network...
β”‚   β”‚
β”‚   β”œβ”€β”€β”€ Avaliable Hosts:
β”‚   β”‚
β”‚   β”‚     192.168.0.100
β”‚   β”‚     192.168.0.103
β”‚   β”‚     192.168.0.105
β”‚   β”‚
β”‚   β”œβ”€β”€β”€ IP: 192.168.0.100
β”‚   β”œβ”€β”€β”€ TIME: 600


⚠ Disclaimer


This application is intended to be used as a testing tool against your own servers. DO NOT USE IT TO ATTACK OTHER PEOPLE, we don't take responsibility for anything that may come up if you attack someone else. Also, this project makes a DoS attack, if you want to take down well-hosted servers, then it's up to you to scale the attack using a DDoS approach. Know the limitations of what you can do, and the defense mechanism used by your target; for instance, if a webserver uses DDoS mitigation appliances (such as load balancing), then you'll probably fail to take it down; a router that implements SYN Cookies will not be affected by a SYN-Flood attack, and so on.