THC SSL DOS Tool Released

THC-SSL-DOS is a tool to verify the performance of SSL. Establishing a secure SSL connection requires 15x more processing power on the server than on the client. THC-SSL-DOS exploits this asymmetric property by overloading the server and knocking it off the Internet. This problem affects all SSL implementations today. The vendors are aware of this […]

Continue Reading

DDoS and Hacking Services for Sale

According to Daniel Krebs an independent security researcher, hackers have started contending among themselves openly by providing DDoS (distributed denial-of-service) services that can help in causing websites to collapse. Signalnews reported this on August 2, 2011. Apparently, several secret forums exist on which subscribers canvass their skills for carrying out devastating DDoS assaults in return […]

Continue Reading

DDOSIM – Layer 7 DDoS Simulator

ddosim is a tool that can be used in a laboratory environment to simulate a distributed denial of service (DDOS) attack against a target server. The test will show the capacity of the server to handle application specific DDOS attacks. ddosim simulates several zombie hosts (having random IP addresses) which create full TCP connections to […]

Continue Reading

Security firm warns of commercial, on-demand DDoS botnet

IMDDOS, which is mainly based in China, has grown to become one of the largest active botnets. The security firm Damballa is warning of a large and fast growing botnet created specifically to deliver distributed denial of service (DDoS) attacks on demand for anyone willing to pay for the service. The IMDDOS botnet is operated […]

Continue Reading

Kaspersky 2010 Remote Memory Corruption / DoS PoC

Description: The vulnerability affects Kaspersky Internet Security 2010 9.0.0.459 antivirus and its brother, the Kaspersky Antivirus 2010 9.0.0.463 version. The exploit was discovered on August 18th 2009. The problem with these two antivirus versions appears when parsing a URL address. Using a lot of consecutive dots inside the address. Kaspersky’s native avp.exe process will soar […]

Continue Reading