Cyber Attack Preparation Platform

History

DOSarrest has been in the DDoS protection business since 2007 and has acquired unparalleled experience in the DDoS mitigation arena. We have always had a system to simulate DDoS attacks in order to test our DDoS protection platform. Lately, many customers and non-customers have been asking us to test their websites and applications. We now have what customers have been asking for: CAPP!

Overview

The Cyber Attack Preparation Platform (CAPP) is an advanced botnet simulation platform developed by DOSarrest that can intelligently generate controlled, simulated DDoS attacks to assess how well different defense systems detect and block malicious traffic. Using CAPP's capabilities and reporting analytics, customers can avoid the unknowns of a real DDoS attack, which is unpredictable, variable and a matter of chance.

CAPP is a strictly controlled, private, elastic botnet made up of our own globally distributed high-powered servers plus a large cloud-based component, giving it a wide, multi-directional vector. Customers can choose from a variety of known attacks as well as some we have captured from the wild.

In our 10 year history, we have learnt a lot about what causes real problems for websites. A 5 Mb/sec well placed attack can have the same impact as a 5 Gb/sec attack.

Why Use CAPP?

• Assess the impact of an attack on your network infrastructure.

Our network engineers have a combined network experience of over 150 years, so we know routers, switches and load balancers, and their weaknesses, very well. We will test accordingly and determine whether a problem is a hardware limitation or a misconfiguration.

• Assess the impact of an attack on your website and applications.

Our experienced team will examine your site, pick out possible weak spots and zero in on these areas, as a real hacker would do.

• Evaluate your existing DDoS protection defences

Determine how effective your mitigation solutions are, and let our engineering team show you how to harden your systems.

• Monitor in real-time the performance of any URL on your website

Using our own monitoring system (DEMS), see any number of parameters that may be affected by an attack.

• Reporting

Once the testing is complete, one of our security specialists will go through the test results with you.

• Stress testing

Customers testing with CAPP can get a real feel for weak spots on their website, which can help them better manage these sub-optimal areas by re-coding or adjusting their cache strategies.
CAPP will not find vulnerabilities. If you require a thorough vulnerability assessment, a different product is a better fit.

Notes:
  • Customers requesting this service must prove ownership of the target Domain.
  • We will only respond to enquiries from corporate email accounts; requests from Gmail, Hotmail, etc. will not receive a response from DOSarrest.
  • Current DOSarrest customers will receive a 50% discount on this service.

Apache Benchmark was originally designed to benchmark the number of concurrent requests an Apache HTTP Server could handle. The tool is generic enough, however, that it can be used to test any HTTP/HTTPS server.

The DOSarrest headless browser JavaScript and cookie bypass stress tester processes JavaScript and cookies while making HTTP/HTTPS connections. This allows the stress tester to bypass common DDoS application layer mitigation techniques. This stress tester was built in house.

This passive application layer site crawl starts at the root of your site and then parses out and follows any links within the scope of your domain name. Each concurrent crawler will restart the crawl once a complete crawl has been conducted. This crawler will also download all site content in the process of crawling the site. This provides an accurate assessment of bandwidth stress, as well as server stress.

This application layer GET request flood simulates user connections to a web server. Unlike the application layer site crawl, this stress test targets a single URI only. This test will also download the URI's content in the process of launching the GET requests to the site. This provides an accurate assessment of bandwidth stress, as well as server stress.

An edited version of HULK, created by chinassie in 2016.

GoldenEye is an HTTP DDoS tool that exploits HTTP Keep Alive and NoCache. This tool sends both GET and POST requests, with randomized user agents and referrers.

Developed by Barry Shteiman, the HTTP Unbearable Load King (HULK) was designed to bring down a web server from a single source. This tool exploits HTTP Keep Alive and NoCache. It also incorporates random URIs, referrers, and user agents.

Low Orbit Ion Cannon (LOIC) is a denial-of-service attack application capable of large volumetric attacks. LOIC was initially developed by Praetox Technologies, but was later released into the public domain through the 4chan community in 2004. This tool gained notoriety through attacks conducted by the group Anonymous.

Slowloris was originally developed by Robert Hansen (RSnake) and released to the public in 2009. It reaches out to a target web server and attempts to keep as many connections open as it can, for as long as possible. This eventually fills all the available connections within the server's pool. Slowloris is also effective in using up the available connections on load balancers.

Tor's Hammer is a slow POST DoS testing tool written in Python. It can also be run through the Tor network to be anonymized. It kills most unprotected web servers running Apache and IIS via a single instance. It kills Apache 1.X and older IIS with ~128 threads, and newer IIS and Apache 2.X with ~256 threads.

Originally developed by the hacktivist th3j35t3r (Jester), XerXeS was first seen in the wild in 2010. Its creator claimed he had used the XerXeS tool to cause the downtime of Wikileaks (November 28, 2010) and Westboro Baptist Church (February 21, 2011). Both attacks drew large media attention.

The T50 Experimental Mixed Packet Injector Tool was created in Brazil by Nelson Brito (2011). The tool was later popularized through its use by Brazilian members of Anonymous.

A Christmas tree packet has the flags FIN, URG, and PSH set. These packets require more processing by routers and servers than a regular packet. This leads to increased resource usage when they are sent as a volumetric flood.

A FIN packet flood is designed to quickly overwhelm the bandwidth capabilities of a network as well as a system's ability to drop connections. FIN (Finish) packet floods can confuse devices, as a FIN is not within the regular order found in TCP connections. Effects on network devices may vary. FIN floods are within the top 10 most common protocol layer DDoS attacks.

Discovered by Kenneth B. Jørgensen and Lenny Hansson in November 2016, the Blacknurse attack is a low-volume ICMP attack that affects firewall devices. This attack causes excessive CPU usage, causing the device to become unresponsive.

An ICMP or ping flood is one of the simplest forms of DDoS attacks. This occurs when a client is bombarded by echo requests (ping packets). This attack floods the incoming connection of a target. Moreover, this volumetric attack attempts to instigate an echo reply. If an echo reply can be triggered, the outgoing connection may be flooded as well.

A ping of death is a type of attack on a computer system that involves sending a malformed or otherwise malicious ping to a computer. A correctly-formed ping packet is typically 56 bytes in size, or 84 bytes when the Internet Protocol header is considered. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol documented in RFC 791. Like other large but well-formed packets, a ping of death is fragmented into groups of 8 octets before transmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.
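A defender-side check for the header anomalies described above (the Christmas tree flag combination, a bare FIN, and a ping-of-death fragment that would reassemble past 65,535 bytes), as an added example that is not DOSarrest's code. The function names, labels and sample packets (built with documentation addresses) are constructed for illustration.

```python
import struct

FIN, PSH, ACK, URG = 0x01, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG
MAX_DATAGRAM = 65535  # largest IPv4 total length (header + data)

def classify(packet: bytes) -> str:
    """Label one raw IPv4 packet by the header anomalies described above."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "malformed"
    ihl = (packet[0] & 0x0F) * 4
    total_len, _ident, frag_field = struct.unpack("!HHH", packet[2:8])
    if ihl < 20 or total_len < ihl or len(packet) < ihl:
        return "malformed"
    frag_offset = (frag_field & 0x1FFF) * 8  # offset field counts 8-octet units
    # Ping of death: this fragment would end past the 65,535-byte limit
    # once the datagram is reassembled (offset + header + fragment data).
    if frag_offset + total_len > MAX_DATAGRAM:
        return "oversize-fragment"
    # TCP flags sit in byte 13 of the TCP header, present only at offset 0.
    if packet[9] == 6 and frag_offset == 0 and len(packet) >= ihl + 14:
        flags = packet[ihl + 13] & 0x3F
        if flags & XMAS == XMAS:
            return "xmas"
        if flags == FIN:  # a FIN inside a real connection also carries ACK
            return "fin-only"
    return "ok"

def build_ipv4(proto: int, payload: bytes, frag_field: int = 0) -> bytes:
    """Constructed sample packet; checksum left 0 since classify() ignores it."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, frag_field,
                       64, proto, 0, bytes([192, 0, 2, 1]),
                       bytes([198, 51, 100, 7])) + payload

def build_tcp(flags: int) -> bytes:
    """Constructed 20-byte TCP header with the given flag bits."""
    return struct.pack("!HHIIBBHHH", 40000, 80, 0, 0, 5 << 4, flags, 1024, 0, 0)

SAMPLES = {  # constructed inputs, not captured traffic
    "xmas": build_ipv4(6, build_tcp(XMAS)),
    "bare_fin": build_ipv4(6, build_tcp(FIN)),
    "normal_close": build_ipv4(6, build_tcp(FIN | ACK)),
    "normal_ping": build_ipv4(1, bytes(64)),            # 84 bytes with IP header
    "pod_last_fragment": build_ipv4(1, bytes(1000), frag_field=8189),
}

def run_samples() -> dict:
    return {name: classify(pkt) for name, pkt in SAMPLES.items()}

if __name__ == "__main__":
    for name, label in run_samples().items():
        print(f"{name:18s} {label}")
```

The same three conditions are what a firewall or IDS rule for these patterns keys on; the normal 84-byte ping and the FIN+ACK close both pass as `ok`.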

A UDP flood is one of the simplest forms of DDoS attacks. This occurs when a client is bombarded by garbage UDP traffic. UDP connections do not require a response from the target. As a result, a target can be bombarded with UDP connections at a speed unregulated by the target. This allows an attacker to flood the incoming connection of the target.

Experience, Technology, and Focus

Ready to get started? Contact us now and get a free quote!