NTP/DNS/SSDP/SNMP Amplification Script & Benchmarking 07-05-2019, 10:22 AM
#1
Saddam - DDoS Amplification Tool
I've noticed that there hasn't been much of a contribution in this section when it comes to stress testing tools, hence my contribution. The tool provided is a server stress testing tool, coded in Python by the OffensivePython development team.
Attack vector support
- DNS Amplification (Domain Name System)
- NTP Amplification (Network Time Protocol)
- SNMP Amplification (Simple Network Management Protocol)
- SSDP Amplification (Simple Service Discovery Protocol)
Requirements
- OS Supports raw sockets
- Python 2.7
- Pinject (can be found here)
Testing - In Action
![[Image: yuij38S.gif]](https://i.imgur.com/yuij38S.gif)
Usage
Code:
Saddam.py target.com [options] # DDoS
Saddam.py benchmark [options] # Calculate AMPLIFICATION factor
Options:
-h, --help show this help message and exit
-d FILE:FILE|DOMAIN, --dns=FILE:FILE|DOMAIN
DNS Amplification File and Domains to Resolve (e.g:
dns.txt:[evildomain.com|domains_file.txt]
-n FILE, --ntp=FILE NTP Amplification file
-s FILE, --snmp=FILE SNMP Amplification file
-p FILE, --ssdp=FILE SSDP Amplification file
-t N, --threads=N Number of threads (default=1)While these attack methods have been around for ages, they're still incredibly effective and it's not to be underestimated.
Download link: https://github.com/OffensivePython/Saddam
(This post was last modified: 07-05-2019, 10:29 AM by Tracefl0w.)
Ransomware is more about manipulating vulnerabilities in human psychology than the adversary’s technological sophistication.
![[+]](https://sinister.ly/images/modern/collapse_collapsed.png)