![]() ![]() ![]() SlowHTTPTest works on majority of Linux platforms, OS X and Cygwin - a Unix-like environment and command-line interface for Microsoft Windows, and comes with a Dockerfile to make things even easier.Ĭurrently, the supported attacks by the slowhttptest library are: Use it to test your web server for DoS vulnerabilites, or just to figure out how many concurrent connections it can handle. ![]() So, how you can perform such attack easily to a server and don't die trying ? The SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks by prolonging HTTP connections in different ways. For education, the cashier won't kick the grandmas out of the store until they end up telling the story. Didn't get it ? Imagine sending 100 old grandmas to a store, with all of them trying to tell a story from their childhood to the cashier so that no other customers can buy anything. It's just, pretty simple right? However for a bad configured server this can be the doom, the hardware won't be pushed up to the limits, however it hangs basically for education. Let's explain quickly graphically what the attack looks like: ![]() One of those tricky attacks are the Slow HTTP attacks that target any kind of web server. Most of web administrators that doesn't care properly about the security of the servers, are often target of attacks that a lot of black hat hackers know how to perform in mass. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |