DDoS attacks evolve constantly, challenging IT and network security teams to remain up-to-date on the latest DDoS tools and scripts.
The Prolexic Security Engineering & Response Team (PLXsert) monitors and analyzes malicious cyber threats, deconstructing attack vectors to develop stronger DDoS defense techniques and DDoS mitigation rules.
As these attack vectors gain popularity, or pose a high-risk threat, we share this information periodically with the security community as a public service.
These DoS and DDoS Threat Advisories provide insight into specific threats and attack signatures, as well as DDoS remediation techniques you can use to defend against them.
Drive [High Risk]
This threat advisory includes an analysis of two payloads found in the wild, a summary of the capabilities of the Drive toolkit, and IDS signatures that can be used to detect incoming attack vectors from the toolkit.
Itsoknoproblembro [High Risk]
This threat advisory includes profiles of 11 different attack signatures, with detailed SNORT rules for DDoS mitigation, detection rules to identify infected web servers (bRobots), and a free log analysis tool (BroLog.py) that can be used to pinpoint which scripts were accessed, by what IP address and for what DDoS targets, to aid sanitization efforts.
Dirt Jumper Vulnerability Disclosure Report
The Dirt Jumper family of DDoS Toolkits is considered one of the most popular attack tools on the market today. This vulnerability report exposes key weaknesses in the command and control (C&C) architecture that could neutralize would-be attackers.
Pandora [Medium Risk]
This Russian-origin toolkit offers five DDoS attack modes and appears to be authored by the same individual responsible for the popular and destructive Dirt Jumper family of tools.
HULK (HTTP Unbearable Load King) [Medium Risk]
This script takes advantage of common weaknesses with out-of-the-box web server functionality by launching 500 threads, which each spawn an additional 500 threads at the target web server.
Booter Shell Scripts [High Risk]
These sophisticated, easy-to-use DDoS attack scripts make it possible to bring down web servers without vast networks of infected zombie computers.
High Orbit Ion Cannon (HOIC) [Medium Risk]
This stealth DDoS attack tool targets up to 256 URLs simultaneously and randomizes attack signatures.
Dirt Jumper [Medium Risk]
Learn about the dangers of the Dirt Jumper DDoS Toolkit for application layer attacks and download Prolexic’s free Dirt Dozer scanning tool to protect your sites.
SNMP Amplification DDoS [High Risk]
These attacks saturate a target’s link with a stream of distributed UDP packets.
Killapache.pl 1.0 [High Risk]
This attack targets Apache web servers with malicious HTTP range request header data.
#RefRef ©Anonymous 2011 [Low Risk]
This toolkit exploits SQL injection vulnerabilities by using features included in the MySQL SELECT permission.
By identifying the sources and associated attributes of individual DDoS attacks, the PLXsert team helps organizations like yours adopt best practices and make more informed, proactive decisions about DDoS threats. PLXsert now offers a premium subscription service that provides current threat intelligence, infrastructure and defense evaluation, as well as post-attack forensics.