{"id":6146,"date":"2012-06-08T23:51:16","date_gmt":"2012-06-08T16:51:16","guid":{"rendered":"http:\/\/deepquest.code511.com\/blog\/?p=6146"},"modified":"2012-06-08T23:59:34","modified_gmt":"2012-06-08T16:59:34","slug":"hulk-the-web-server-dos-tool","status":"publish","type":"post","link":"https:\/\/deepquest.code511.com\/blog\/2012\/06\/hulk-the-web-server-dos-tool\/","title":{"rendered":"HULK &#8211; The Web Server DoS Tool"},"content":{"rendered":"<p>HULK is a Python script, that generates randomly crafted, unique HTTP requests, generating a fair load on a web server, eventually exhausting it of resources. It uses various techniques to make the requests dynamic and thus more difficult to detect, such as randomising both User-Agent and Referer fields.<\/p>\n<p><!--more--><\/p>\n<div><strong>Anti-detection techniques used by HULK:<\/strong><\/div>\n<ul>\n<li>Obfuscation of Source Client \u2013 this is done by using a list of known User Agents, and for every request that is constructed, the User Agent is a random value out of the known list<\/li>\n<li>Reference Forgery \u2013 the referrer that points at the request is obfuscated and points into either the host itself or some major pre-listed websites.<\/li>\n<li>Stickiness \u2013 using some standard HTTP command to try and ask the server to maintain open connections by using Keep-Alive with variable time window<\/li>\n<li>no-cache \u2013 this is a given, but by asking the HTTP server for no-cache , a server that is not behind a dedicated caching service will present a unique page.<\/li>\n<li>Unique Transformation of URL \u2013 to eliminate caching and other optimization tools, I crafted custom parameter names and values and they are randomized and attached to each request, rendering it to be Unique, causing the server to process the response on each event.<\/li>\n<\/ul>\n<p>download\u00a0<a href=\"http:\/\/deepquest.code511.com\/blog\/wp-content\/uploads\/2012\/06\/hulk.zip\">hulk<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>HULK is a Python script, that generates randomly crafted, unique HTTP requests, generating a fair load on a web server, eventually exhausting it of resources. It uses various techniques to&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"","_seopress_robots_index":"","jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[162,139],"tags":[40,2079],"class_list":["post-6146","post","type-post","status-publish","format-standard","hentry","category-ddos-security","category-tools","tag-ddos","tag-python"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4bBYZ-1B8","_links":{"self":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/6146","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/comments?post=6146"}],"version-history":[{"count":7,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/6146\/revisions"}],"predecessor-version":[{"id":6157,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/posts\/6146\/revisions\/6157"}],"wp:attachment":[{"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/media?parent=6146"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/categories?post=6146"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/deepquest.code511.com\/blog\/wp-json\/wp\/v2\/tags?post=6146"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}