Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/waived/http-botnet

Primitve DDoS botnet that uses HTTP as a communication method
https://github.com/waived/http-botnet

basic-programming ddos-botnet http-botnet proof-of-concept python-botnet python3

Last synced: 10 days ago
JSON representation

Primitve DDoS botnet that uses HTTP as a communication method

Awesome Lists containing this project

README

        

PROOF OF CONCEPT:

This project was designed to be an incredibly simple example of how an HTTP botnet
may choose to operate. This specific bot uses "HTTP Polling" which is a low-bandwidth
option fon controlling a large overhead of bots (opposed to other methods such as
WebSockets or HTTP Streaming). Each infected device will make a request to the server
every 30 seconds to get an update as to what needs to be accomplished.

ATTACK METHODS:

[+] UDP flood
[+] TCP flood
[+] HTTP flood
[+] TLS exhaustion

NOTE:

Each job assigned by the bot master has an ID. This is done so if a bot receives the
same update from the server, the same job isnt carried out twice. This bot is multi-
threaded, so if an active attack is going on, another one or more can be launched
concurrently to engage more targets.

SETUP:

You are going to want to set permissions for your login panel and dashboard so
that no individual can bypass the authentication and access the DDOS panel.

# Make dashboard readable only by the server and admin (not accessible to public)
chmod 600 index.html

# Make authentication script readable only by the server and admin (not accessible to public)
chmod 600 auth.js

# Make login publicly readable
chmod 644 login.html

# or use .htaccess (with Apache) to protect the dashboard


Order Deny,Allow
Deny from all
Allow from 127.0.0.1

# the 'client.py' payload will need to be modified as well. When you upload your
# files, you need to change the variable 'gate_url' to point to your gate.php file
#
# example: gate_url = 'http://your-botnet.com/gate.php'

NOTE:
inside of the auth.js is a password for the login. this will need to be updated
to suit your needs.