Fg Power DDOSER
This tool is primarily a “hostbooter” and is aimed at giving unscrupulous gamers an advantage by flooding opponents with traffic. HTTP flooding capabilities may be effective at bringing down unprotected websites as well. A Firefox password stealer is also included, which can be very deadly as people re-use passwords all the time.
GB DDoSeR v3
This tool is advertised as a booter and delivers a TCP or UDP stream of characters of the attacker’s choice towards a victim IP/host and port. This simple bot is written in Visual Basic.
Silent-DDoSer
This Visual Basic tool offers attack types “UDP”, “SYN” and “HTTP”. All appear to send a basic user-specified flood string. Silent-DDoSer utilizes triple-DES and RC4 encryption, IPv6 capabilities, and password stealing functions.
Drop-Dead DDoS
This tool is one example of a Runescape booter. While I am not a gamer, the opportunity to make real-world money through the virtual economies of gaming worlds may have helped make such tools popular.
D.NET DDoSeR
Positve’s xDDoSeR
Sniff DDoSer
This one was announced on a forum and appears to be written in .NET. The default operation appears targeted towards Xbox flooding. We can also see some of the typical anti-detection mechanisms at play in the builder screen.
Darth DDoSeR v2
Net-Weave
Net-Weave is one of the many bots that appeared in our malware collection in mid-2011. It is a booter/bot and backdoor written in .NET and features the typical array of malware functionality including download and execute, USB spreading capabilities, TCP connection exhaustion flood, UDP flood, and a crude port 80 flood instantiated with a .NET Socket call.
Malevolent DDoSeR
HypoCrite
Host Booter v5.7
This booter features several flooding attacks including the popular Slowloris attack style. The features are listed as:
- UDP (UDP flood)
- Port (Blocks connections on that port)
- HTTP (For websites)
- Slowloris (For websites)
- Bandwidth Drain (Put a direct link for a .exe or any other file)
- Send Command To All / Send Stop To All (Execute or End your command)
- Ports: 25 / 80 / 445 / 3074 / 27015 (Ports you can choose from, you can use your own)
- Sockets: [1-250] (How many sockets you will use)
- Seconds: [1-60] (How many seconds you wish your attack to be enabled for)
- Minutes: [1-59] (How many minutes you wish your attack to be enabled for)
- Size (KB) Packet size for UDP
- Delay (MS) Time between sending a packet
- Connect (MS) Reconnect sockets
- Timeout (MS) Connection timeout
Manta d0s v1.0
The author of this tool, Puridee, has also written multiple other tools including the “Good-Bye” DoS tool.
Good Bye v3.0
The Good-Bye tools appear to be simple HTTP flooding tools that have no DDoS or botnet capability.
Good Bye v5.0
Black Peace Group DDoser
Little additional information was found about this particular tool.
Now we’ll look at a couple of “shell booters” that utilize hijacked web applications to perform flooding attacks. While these have been well documented in the past, shell booters typically leverage a number of compromised web applications where an attacker has installed a PHP webshell. Sometimes, these webshells may exist on high bandwidth networks, which can amplify the force of the attack significantly. Private webshells are worth more, and lists of webshells can be purchased. Some generic webshells are x32, greenshell, PsYChOTiiC, shell, mouss, Supershell, venom, atomic, and many others. There are other shells specifically created for DDoS, such as ddos.php. A webshell can of course be named anything, but these names are common.
PHPDoS
TWBOOTER
Gray Pigeon RAT
This is a screenshot from the Gray Pigeon Remote Access Trojan (RAT). In this screenshot, the attacker appears to have three bots online but has filtered the list to show only bots from Beijing, China. Gray Pigeon is well known for its RAT capabilities but it also has DDoS features. There are many DDoS bots using Chinese language sets and operating from within the Chinese IP address space. Some of these have been profiled by Jeff Edwards of Arbor Networks ASERT in the past. A great deal of code sharing takes place among the Chinese DDoS bot families that we have analyzed.
DarkComet RAT aka Fynloski
DarkComet is freeware and easily available to anyone. While it features a variety of flooding types, these are an afterthought compared to its main Remote Access Trojan functions, which are significant. The binaries for this threat are often called Fynloski.
MP-DDoser v 1.3
Warbot
This is the Warbot web-based control panel. Commands are ddos.http (seen here), ddos.tcp and ddos.udp.
Compiled and presented by Funny_Z0mb!3 of mmcybersecurityteam.
This post has been copied directly and redistributed by mmcybersecurityteam.