Web Application Security
Re: pentest tool for dos Jun 14 2011 05:48AM
ShiYih Lye (shiyih lye my offgamers com) (2 replies)
Re: pentest tool for dos Jun 14 2011 03:34PM
Jeremiah Cornelius (jeremiah nur net) (1 replies)
There's a Java version of LOIC.

You might want to DL through a proxy , and doing so might still get you
on a watchlist. ;-)

Also, the SourceForge page for JavaLOIC has disappeared. There are
links to different archives on the 'net. Proceed with caution (sandbox,
etc.)

http://www.mediafire.com/?u3pn398d5w6sixg
http://www.mediafire.com/?9rfblvej3ycd8dt

-- JC

On 06/13/2011 10:48 PM, ShiYih Lye wrote:
> hi guys,
>
> Appreciated a lot with the feedback. I have tested HOIC and LOIC, they
> are both windows, so might not that suitable for my pentest
> environment, as I'm using a datacenter linux server as the attacker to
> dos my webserver.
>
> We are still testing Slowloris and RUDY. Siege so far able to trigger
> more concurrent connection to the victim with 1000+, which ab maximum
> connection is only around 100+. After those threshold, we will be
> getting error from the attacker. We are using a Centos 5.5 for the
> attacker.
>
>
>
> On Tue, Jun 14, 2011 at 1:47 PM, ShiYih Lye<shiyih.lye (at) my.offgamers (dot) com [email concealed]> wrote:
>> hi guys,
>>
>> Appreciated a lot with the feedback. I have tested HOIC and LOIC, they are both windows, so might not that suitable for my pentest environment, as I'm using a datacenter linux server as the attacker to dos my webserver.
>>
>> We are still testing Slowloris and RUDY. Siege so far able to trigger more concurrent connection to the victim with 1000+, which ab maximum connection is only around 100+. After those threshold, we will be getting error from the attacker. We are using a Centos 5.5 for the attacker.
>>
>>
>>
>>
>> On Mon, Jun 13, 2011 at 5:46 AM, amar wakharkar<amarsuhas (at) hotmail (dot) com [email concealed]> wrote:
>>> Dear Lye,
>>>
>>> You can use Low Orbit Ion Cannon Tool for DOS.
>>>
>>> Regards,
>>>
>>> Amar Wakharkar.
>>>
>>>
>>>
>>>
>>>> From: shiyih.lye (at) my.offgamers (dot) com [email concealed]
>>>> Date: Wed, 8 Jun 2011 11:40:00 +0800
>>>> Subject: pentest tool for dos
>>>> To: webappsec (at) securityfocus (dot) com [email concealed]; pen-test (at) securityfocus (dot) com [email concealed]
>>>>
>>>> Hi guys,
>>>>
>>>> We are testing the dos protection mechanism of our web server, and
>>>> we're using 'apache benchmark', ab for that purpose (httpd version is
>>>> 2.2.3 in Centos 5) from the pentest machine. But it is not able to go
>>>> to a higher concurrent hits, so I'm wonder do you have any better or
>>>> more comprehensive tools out there that you think is better ?
>>>>
>>>> Thanks for any input given.
>>>>
>>>> Regards,
>>>> Lye
>>>>
>>>> ------------------------------------------------------------------------

>>>> This list is sponsored by: Information Assurance Certification Review Board
>>>>
>>>> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
>>>>
>>>> http://www.iacertification.org
>>>> ------------------------------------------------------------------------

>>>>
>
>
> This list is sponsored by Cenzic
> --------------------------------------
> Let Us Hack You. Before Hackers Do!
> It's Finally Here - The Cenzic Website HealthCheck. FREE.
> Request Yours Now!
> http://www.cenzic.com/2009HClaunch_Securityfocus
> --------------------------------------
>

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: pentest tool for dos Jun 14 2011 09:40PM
anthony cicalla gmail com (1 replies)
Re: pentest tool for dos Jun 15 2011 03:04PM
hkm (hkm hakim ws)
Re: pentest tool for dos Jun 14 2011 12:16PM
Rafael Correia (rafaelnominato gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus