{"id":15648127,"url":"https://github.com/noracodes/rloris","last_synced_at":"2025-04-30T14:41:18.474Z","repository":{"id":84925785,"uuid":"82516313","full_name":"NoraCodes/rloris","owner":"NoraCodes","description":"A Rust implementation of slow HTTP DoS techniques","archived":false,"fork":false,"pushed_at":"2019-10-17T11:51:49.000Z","size":24,"stargazers_count":32,"open_issues_count":0,"forks_count":4,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-30T17:04:39.756Z","etag":null,"topics":["denial-of-service","hacking","http","security","slowloris"],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/NoraCodes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-02-20T04:22:33.000Z","updated_at":"2025-02-04T02:41:09.000Z","dependencies_parsed_at":null,"dependency_job_id":"12ee8f29-3651-4d97-b0ed-d597b38c64f3","html_url":"https://github.com/NoraCodes/rloris","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NoraCodes%2Frloris","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NoraCodes%2Frloris/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NoraCodes%2Frloris/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/NoraCodes%2Frloris/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/NoraCodes","download_url":"https://codeload.github.com/NoraCodes/rloris/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251722804,"owners_count":21633018,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["denial-of-service","hacking","http","security","slowloris"],"created_at":"2024-10-03T12:23:39.167Z","updated_at":"2025-04-30T14:41:18.442Z","avatar_url":"https://github.com/NoraCodes.png","language":"Rust","readme":"# rloris\n\n`rloris` is an implementation of RSnake's SlowLoris attack in Rust, with other attacks on the way.\n\nYou can either build `rloris` yourself with `cargo` or download a working binary for Linux x64 from the [releases directory](https://github.com/SilverWingedSeraph/rloris/releases). As of `0.6.0`, `rloris` no longer requires native SSL libraries and uses `rustls` to perform all TLS connection in pure Rust.\n\n## Attacks\n\n* SlowLoris GET, based on [RSnake's original attack](https://web.archive.org/web/20090822001255/http://ha.ckers.org/slowloris/), simply opens a lot of connections\n    asking to GET resources and then takes its time sending the other headers and the final double `\\r\\n`.\n* SlowLoris POST, similar to the above but using POST requests. Activate with `rloris post \u003ctarget\u003e --post`.\n\n## Functionality\n\nOptional functionality is available by giving flags to the `rloris` binary. Currently, `rloris` supports SSL (`-ssl`), \nsetting custom timeouts for SlowLoris (`--timeout=\u003ctimeout\u003e`) and SlowLoris cycle counts (`--cycle=\u003ccycles\u003e`),\nmultithreading (`--thread=\u003cthreads\u003e`), and infinite repetition (`--repeat`). \n\nWARNING: using `--repeat` can create a real honest to goodness DoS condition on the target!\n\n## Advice\n\nThe more threads you can get away with, the higher the impact on the target. To see what your server can handle, \nkeep raising the number of threads until you get \"Connection reset by peer\" errors; at that point, your server is dropping connections due to over-load.\nNote that a DoS condition probably will arise before this happens.\n\n`rloris` uses `env_logger` to log messages to the console; set the environment variable `RUST_LOG` to `info` for additional data about your attacks, or `debug` if you're \nhacking on the code.\n\n### Examples\n\n* Perform an attack against localhost, port 8000, using the POST verb: `rloris post localhost --port=8000`\n* Perform an SSL attack against example.com, port 443: `rloris get example.com --ssl`\n* Perform an SSL attack against 127.0.0.1, with domain name example.com: `rloris get 127.0.0.1 --ssl --domain=example.com --repeat`\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnoracodes%2Frloris","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnoracodes%2Frloris","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnoracodes%2Frloris/lists"}