A simulation CLI used to learn and simulate DoS/DDoS attacks using cloud services and cyber tools
Install terraform, hping3, ssh (optional)
We use Terraform with AWS provider to launch an ec2 instance as a victim, you need to setup an AWS account and config credentials in the local environment
We already have a CLI to run the simulation easily. Firstly, you need to build the CLI in development mode
pip install --editable .After above step, you already have a cli to simulate and test DoS/DDoS attack. View detail of the cli hiddos --help, And remember to just run the CLI at root of project
Init HiDDoS project
hiddos initFirst things first, you need to init and launch cloud machines (DNS server and Victim machine)
hiddos cloud --launchIf you work directly with Terraform, remember to run hiddos cloud --ip to resync the IP config for other commands
What happens after running launch command?
-> This command launches some cloud setup using Terraform, with 2 ec2 instances, one for a victim and one for a DNS server (used to simulate a DNS Amplification attack). Also it setups some config and creates .hiddos directory used by other commands
After setup victim, you're now able to attack this one
Each attack is defined as a subcommand, remember to use --help to explore all the options to attack or protect. Eg. hiddos syn-flood --help
To know the detail of the SYN Flood attack cloudflare.com/learning/ddos/syn-flood-ddos-attack
Start attacking the victim by default config
hiddos syn-floodhiddos syn-flood --mode ddos --count 999999You need to open Wireshark and watch network changes, a tone of SYN packages sent to the victim. Our setup primarily points to port 80 of HTTP requests, the cli will shows a URL for you to launch a web page as a legitimate client. After a few seconds, the server victim will be down, and you can not reach the server to get the web page.
Connect to DNS server
hiddos ssh -t dnsConnect to Victim machine
hiddos ssh -t victim