HULK - The Web Server DoS Tool

Posted by Deepanker Verma, Monday, March 4, 2013

HULK is short for Http Unbearable Load King. It is a DoS attack tool released in May 2012: a Python script that generates nicely crafted, unique HTTP requests one after the other, putting a fair load on a web server. As a result, the server's resources become unavailable to all other users who want to access it.



The test server had 4 GB of RAM and was running IIS 7. It was brought down in less than a minute. A more powerful server will take longer.

Some Techniques used by the tool

  • Obfuscation of Source Client – this is done by using a list of known User Agents; for every request that is constructed, the User Agent is a random value from that list.
  • Reference Forgery – the referer of the request is obfuscated and points either at the host itself or at one of several major prelisted websites.
  • Stickiness – using a standard HTTP command to ask the server to maintain open connections, by using Keep-Alive with a variable time window.
  • no-cache – this is a given, but by asking the HTTP server for no-cache, a server that is not behind a dedicated caching service will present a unique page.
  • Unique Transformation of URL – to eliminate caching and other optimization tools, I crafted custom parameter names and values, and they are randomized and attached to each request, rendering it unique and causing the server to process the response on each event.
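
The traits listed above are also what make this traffic recognizable in web server access logs. The following Python code is an added example, not part of the original post or of the tool: it scans Combined Log Format lines and flags clients whose requests almost all carry a distinct query string while the User-Agent keeps changing. The function names, thresholds and sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Combined Log Format: ip - - [time] "METHOD url PROTO" status size "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<url>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def score_clients(lines, min_requests=20, min_unique_ratio=0.9, min_user_agents=5):
    """Flag clients with per-request unique query strings and rotating User-Agents.
    Thresholds are illustrative assumptions; tune them against normal traffic."""
    stats = defaultdict(lambda: {"n": 0, "queries": set(), "uas": set(), "referers": set()})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing at their fields
        s = stats[m["ip"]]
        s["n"] += 1
        s["queries"].add(urlsplit(m["url"]).query)  # "" when there is no query string
        s["uas"].add(m["ua"])
        s["referers"].add(m["referer"])
    flagged = {}
    for ip, s in stats.items():
        if s["n"] < min_requests:
            continue  # too few requests to judge
        unique_ratio = len(s["queries"]) / s["n"]
        if unique_ratio >= min_unique_ratio and len(s["uas"]) >= min_user_agents:
            flagged[ip] = {"requests": s["n"], "unique_query_ratio": round(unique_ratio, 2),
                           "user_agents": len(s["uas"]), "referers": len(s["referers"])}
    return flagged

def build_sample_log():
    """Constructed sample: one noisy client (203.0.113.7) and one ordinary browser."""
    uas = [f"ExampleAgent/{v}.0" for v in range(1, 7)]  # constructed UA strings
    refs = ["http://example.test/", "http://www.example.org/"]  # host itself / other site
    lines = []
    for i in range(30):
        lines.append(f'203.0.113.7 - - [04/Mar/2013:10:00:{i:02d} +0000] '
                     f'"GET /?p{i}=v{i * 7} HTTP/1.1" 200 512 "{refs[i % 2]}" "{uas[i % 6]}"')
        lines.append(f'198.51.100.20 - - [04/Mar/2013:10:00:{i:02d} +0000] '
                     f'"GET /page{i % 3}.html HTTP/1.1" 200 2048 "http://example.test/" "ExampleBrowser/1.0"')
    return lines

if __name__ == "__main__":
    for ip, info in score_clients(build_sample_log()).items():
        print(ip, info)
```

The default combined log format does not record the Cache-Control or Keep-Alive request headers, so this check relies only on the URL and User-Agent fields; a deployment that logs those headers could add them as further signals.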
