lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <9e5f6af2-3f63-5efd-879c-42314d2a2eab@riseup.net>
Date: Wed, 21 Mar 2018 12:58:00 +0000
From: psy <epsylon@...eup.net>
To: fulldisclosure@...lists.org
Subject: [FD] New release: UFONet v1.0 "TachY0n!"
Hi FD,
I am glad to present a new release of this tool:
- https://ufonet.03c8.net
"UFONet - is a tool designed to launch Layer 7 (HTTP/Web Abuse) DDoS &
DoS attacks."
See these links for more info:
- CWE-601:Open Redirect [1]
- OWASP:URL Redirector Abuse [2]
---------
Main options are:
* DDoS + DoS
* Auto-update
* Clean code
* Documentation with examples
* Web/GUI Interface
* Proxy to connect to 'zombies' (ex: tor)
* Change HTTP Headers (User-Agent, Referer, Host...)
* Configure requests (Timeout, Retries, Delay, Threads...)
* Search for 'zombies' on different search engines
* Test vulnerabilities on 'zombies'
* Download/Upload 'zombies' from/to others
* Inspect a target (HTML objects sizes)
* Set a place to 'bit' on a target (ex: big file)
* Control number of rounds to attack
* Apply cache evasion techniques
* Advanced queries (ex: Verb tunneling exploitation)
* Supports GET/POST
* Multithreading
* Order 'zombies' to attack you for benchmarking
* Geomapping / Visual data
* [...]
This release (v1.0) called "TachY0n!" has added this new features:
* Zombie list updated!
* Added advanced dorking system (AI mode)
* Slow HTTP requests (DoS)
* Fast check to discard offline bots
* Update ALL botnet status
* Added: 110 dorks
* Fixed bugs (search engines, update...)
* Web/GUI updated (added 'wargames'...)
* [...]
---------
FAQ:
- https://ufonet.03c8.net/FAQ.html
---------
Packages:
* [source]:
- https://github.com/epsylon/ufonet
* [.zip]:
- https://ufonet.03c8.net/ufonet/ufonet-v1.0.zip
* [.tar.gz]:
- https://ufonet.03c8.net/ufonet/ufonet-v1.0.tar.gz
* [all/.deb]:
- https://ufonet.03c8.net/ufonet/ufonet_1.0-1_all.deb
-------------------------
Media/Contribution:
* POC: v1.0 - "TachY0n!" DDoS + DoS attack:
- https://ufonet.03c8.net/ufonet/ufonet-tachyon-poc-attack.ogv
-------------------------
[1] - http://cwe.mitre.org/data/definitions/601.html
[2] -
https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2
Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists