WebApp Sec mailing list archives
Re: pentest tool for dos
From: Rafael Correia <rafaelnominato () gmail com>
Date: Tue, 14 Jun 2011 09:16:08 -0300
Maybe T50. http://t50.sourceforge.net/index.html 2011/6/14 ShiYih Lye <shiyih.lye () my offgamers com>:
hi guys, Appreciated a lot with the feedback. I have tested HOIC and LOIC, they are both windows, so might not that suitable for my pentest environment, as I'm using a datacenter linux server as the attacker to dos my webserver. We are still testing Slowloris and RUDY. Siege so far able to trigger more concurrent connection to the victim with 1000+, which ab maximum connection is only around 100+. After those threshold, we will be getting error from the attacker. We are using a Centos 5.5 for the attacker. On Tue, Jun 14, 2011 at 1:47 PM, ShiYih Lye <shiyih.lye () my offgamers com> wrote:hi guys, Appreciated a lot with the feedback. I have tested HOIC and LOIC, they are both windows, so might not that suitable for my pentest environment, as I'm using a datacenter linux server as the attacker to dos my webserver. We are still testing Slowloris and RUDY. Siege so far able to trigger more concurrent connection to the victim with 1000+, which ab maximum connection is only around 100+. After those threshold, we will be getting error from the attacker. We are using a Centos 5.5 for the attacker. On Mon, Jun 13, 2011 at 5:46 AM, amar wakharkar <amarsuhas () hotmail com> wrote:Dear Lye, You can use Low Orbit Ion Cannon Tool for DOS. Regards, Amar Wakharkar.From: shiyih.lye () my offgamers com Date: Wed, 8 Jun 2011 11:40:00 +0800 Subject: pentest tool for dos To: webappsec () securityfocus com; pen-test () securityfocus com Hi guys, We are testing the dos protection mechanism of our web server, and we're using 'apache benchmark', ab for that purpose (httpd version is 2.2.3 in Centos 5) from the pentest machine. But it is not able to go to a higher concurrent hits, so I'm wonder do you have any better or more comprehensive tools out there that you think is better ? Thanks for any input given. Regards, Lye ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
This list is sponsored by Cenzic -------------------------------------- Let Us Hack You. Before Hackers Do! It's Finally Here - The Cenzic Website HealthCheck. FREE. Request Yours Now! http://www.cenzic.com/2009HClaunch_Securityfocus --------------------------------------
Current thread:
- pentest tool for dos ShiYih Lye (Jun 07)
- Message not available
- Message not available
- Re: pentest tool for dos ShiYih Lye (Jun 13)
- Re: pentest tool for dos Rafael Correia (Jun 14)
- Re: pentest tool for dos Jeremiah Cornelius (Jun 14)
- Re: pentest tool for dos anthony . cicalla (Jun 14)
- Re: pentest tool for dos hkm (Jun 17)
- Message not available
- Message not available