Bug#1051482: ITP: slowloris -- Security testing tool for web servers
Package: wnpp
Severity: wishlist
Owner: Josenilson Ferreira da Silva <nilsonfsilva@hotmail.com>
X-Debbugs-Cc: debian-devel@lists.debian.org, nilsonfsilva@hotmail.com
* Package name : slowloris
Version : 0.14.2
Upstream Contact: Gokberk Yaltirakli <opensource@gkbrk.com>
* URL : https://github.com/gkbrk/slowloris
* License : MIT/Expat
Programming Lang: Python
Description : Security testing tool for web servers
Open source tool used to perform Denial of Service (DoS) attacks on web
servers. Slowloris exploits a vulnerability in web servers called “Keep-Alive”
to exhaust server resources and make them inaccessible.
.
Slowloris offers a number of configurable options, allowing fine-grained
control over request behavior. Some of which include:
- Web Server Port: It is possible to specify the web server port to be
the target of the action, usually port 80.
- Number of Sockets: You can determine the number of simultaneous sockets
that the tool will use to send requests to the server.
- Log Increase (Verbose): The level of detail of the information logged
during the run can be adjusted, allowing a more detailed analysis of the
results.
- User agent randomization: Slowloris can randomize user agents on each
request, making it difficult to detect the destination server.
- Use of SOCKS5 proxy: The tool supports the use of a SOCKS5 proxy to further
hide the source of requests.
- Use of HTTPS for Requests: In addition, it is possible to configure the
tool to use the HTTPS protocol for requests, adding another layer of
obscurity.
- Time interval between headers: You can specify a time interval between
sending request headers, controlling the rate of requests.
Reply to: