lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 7 Jan 2019 23:33:58 +0100
From: psy <epsylon@...eup.net>
To: fulldisclosure@...lists.org
Subject: [FD] New Release: UFONet v1.2 - "Armageddon!"

Hi FD,

I am glad to present a new release of this tool:

  - https://ufonet.03c8.net

"UFONet - is a toolkit designed to launch DDoS and DoS attacks."

See these links for more info:

  - CWE-601:Open Redirect [1]
  - OWASP:URL Redirector Abuse [2]
  - Botnet requests schema [3]

---------

Main options are:

  * DDoS (botnet) + DoS
  * Auto-update
  * Clean code
  * Documentation with examples
  * Web/GUI Interface
  * Proxy to connect to 'zombies' (ex: tor)
  * Change HTTP Headers (User-Agent, Referer, Host...)
  * Configure requests (Timeout, Retries, Delay, Threads...)
  * Search for 'zombies' on different search engines
  * Test vulnerabilities on 'zombies'
  * Download/Upload 'zombies' from/to others
  * Inspect a target (HTML objects sizes)
  * Set a place to 'bite' on a target (ex: big file)
  * Control number of rounds to attack
  * Apply cache evasion techniques
  * Advanced queries (ex: Verb tunneling exploitation)
  * Supports GET/POST
  * Multithreading
  * Order 'zombies' to attack you for benchmarking
  * Geomapping / Visual data
  * [...]

This release (v1.2) called "Armageddon!" has added this new features:

  * Updated (refactorized) internal multithreading
  * Added [DDoS] 'TCP-SYN reflection' attack (--spray)
  * Added [DDoS] 'ICMP broadcast' attack (--smurf)
  * Added [ DoS] 'TCP-XMAS flood' attack (--xmas)
  * Added an ultra-fast ports scanner (--xray)
  * Added attack to multiple targets (from file)
  * Added a 'purging' system to auto-remove failing 'zombies'
  * Added an 'expiring' system to -flow- on the wild
  * Added a 'fortune cookie' and some fancy exit routines ;-)
  * Updated external services
  * GUI upgraded
  * [...]

---------

FAQ:

  - https://ufonet.03c8.net/FAQ.html

---------

Packages:

  * [source]:

  - https://code.03c8.net/epsylon/ufonet

  * [mirror]:

  - https://github.com/epsylon/ufonet

  * [.zip]:

  - https://ufonet.03c8.net/ufonet/ufonet-v1.2.zip

  * [.tar.gz]:

  - https://ufonet.03c8.net/ufonet/ufonet-v1.2.tar.gz

-------------------------

Media/Contribution:

  * VIDEO: v1.2 - "UFONet - Armageddon!":

  - https://ufonet.03c8.net/ufonet/ufonet-armageddon.ogv

-------------------------

[1] - http://cwe.mitre.org/data/definitions/601.html
[2] -
https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_URL_Redirector_Abuse2
[3] - https://ufonet.03c8.net/ufonet/ufonet-schema.png




Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)


_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Powered by blists - more mailing lists