• Stars
    star
    339
  • Rank 124,632 (Top 3 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created over 7 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Asynchronous HTTP Botnet for Distributed Denial of Service (DDoS)

Hulk_Banner

Python Version License Build and Package Codacy branch grade

⚠ī¸ Disclaimer

Hulk is meant for educational and research purposes only.
Any malicious usage of this tool is prohibited.
The authors must not to be held responsible for any consequences from the usage of this tool.

Introducing HULK-v3 🤖

ℹī¸ Hulk is a Distributed Denial of Service tool that can put heavy load on HTTPS servers, in order to bring them to their knees, by exhausting the resource pool.

Check out Hulk in Action

GUI đŸ–Ĩī¸ Hulk_demo

Server đŸ’ģ Hulk_server Client/Bot 👾 Hulk_client

đŸŸĸ To get started, expand the sections below to read about them.

Changelog 📃

You can refer the Changelog here.

Usage 📖

  1. Run pip install -r requirements_(linux/win).txt before starting this script.

    Ex: On Windows: pip install -r requirements_win.txt Ex: On Linux: pip install -r requirements_linux.txt

  2. Launch the hulk_launcher.py server with the target website as arg.

    Ex: python hulk_launcher.py server https://testdummysite.com

    Append --persistent False to kill the botnet after a succesfull DDoS.

    Append --gui if you are running the GUI in parallel.

  3. Launch the hulk_launcher.py client to spawn multiple processes of hulk - one per CPU Core.

    Ex: python hulk_launcher.py client [localhost]

    If the server is running remotely, replace localhost with the server's IP.

  4. To run the GUI, you need to:

    • Install NodeJS, change to gui directory and use npm install.
    • Launch the GUI with npm run dev.
  5. Sit back and sip your coffee while the carnage unleashes! 😈

(P.S. Do not run the binaries (except hulk_gui) directly, use them from command line like shown above without using python.)

Syntax Help 📜

Server đŸ’ģ

usage: hulk_launcher.py server [-h] [-p PORT] [-m MAX_MISSILES] [--persistent] [--gui] target

The Hulk Server Launcher

positional arguments:
target                the target url.

options:
-h, --help            show this help message
-p PORT, --port PORT  the Port to bind the server to.
-m MAX_MISSILES, --max_missiles MAX_MISSILES
                        the maximum number of missiles to connect to.
--persistent          keep attacking even after target goes down.
--gui                 run on the GUI mode.

Client 👾

usage: hulk_launcher.py client [-h] [-r ROOT_IP] [-p ROOT_PORT] [-n NUM_PROCESSES] [-s]

The Hulk Bot Launcher

options:
-h, --help            show this help message
-r ROOT_IP, --root_ip ROOT_IP
                        IPv4 Address where Hulk Server is running.
-p ROOT_PORT, --root_port ROOT_PORT
                        Port where Hulk Server is running.
-n NUM_PROCESSES, --num_processes NUM_PROCESSES
                        Number of Processes to launch.
-s, --stealth         Stealth mode.

Architecture ⚙ī¸

⚠ī¸ The intention of Hulk is to demonstrate the damage that a DDoS attack can do to a server if unprotected.
💡 Please go through the code for full details. I'm keeping it well documented and request the contributors to do so too.

Hulk consists of 2 major and 1 optional components:

  • Server
  • Client
  • [Gui]

Hulk_architecture

Client 👾

The core part of Hulk is the Hulk client aka Hulk.py.
This client\bot launches a barrage of asynchronous HTTP requests to the target server.
These incoming requests, put a burden on the target and makes it slow to respond.
With the launcher script, we can launch multiple instances of Hulk using multi-threading.
The target will be hit with so many requests that it will ultimately break into a 500 error.
Usually, the client completes 500 attacks and sends back the list of status messages.
In case of special events, the client will immediately send an Interrupt message to the server.
Example Special Events: Successful DDoS, 404 Target Not Found, etc.

Server đŸ’ģ

Hulk was originally a single instanced DoS script. However, it has been modified to be run as multiple instances.
The cluster of many such instances is called a botnet. And this botnet can be controlled and monitored by the Server.
The Server and Client communicate with each other through TCP WebSockets. Based on the settings, this is usally a persistent bidirectional channel.
In case the server receives Interrupts from a client, it will send out a broadcast message to all the clients, asking them to stop the attacks.
The clients go to Standby mode and await further instructions from the server.

The server can also send information to the GUI to keep a track of the botnet.
This information is sent via Unix\Windows Named Pipes for low latency IPC.

GUI đŸ–Ĩī¸

The GUI is a NextJS web application that is used to monitor the botnet via Named Pipes.
When run as a binary, GUI makes use of Electron which exposes the information directly to the Frontend.
When run as a Node process, a node server listens to the Named Pipe and passes on the information to a HTTP Streaming API.
Then the frontend will pick it up from the API using EventSource.

Acknowledgements đŸ‘Ĩ

Authors ✍ī¸

Name Version
Hyperclaw79 2.0+
Barry Shteiman 1.0

Contributors 🤝

Thanks for contributing to the repo. Follow the Contribution Guide and open a PR.

Contributor Contribution
Nexuzzzz Fixed typo in the code

License 📄

HULK v3 is a Python 3 compatible Asynchronous Distributed Denial of Service Script.
Original script was created by Barry Shteiman. You can use that one if you have Python 2.

Using a GNU license cause there was no mention about any license used by Barry. Feel free to modify and share it, but leave some credits to us both and don't hold us liable.

More Repositories

1

PokeBall-SelfBot-Poketwo-Autocatcher

This specific selfbot was designed to automatically catch pokemon spawned on Discord by Poketwo bot. It also offers other utility functions to automate features like trading, releasing, id search, etc. Currently the autocatcher is powered by AI making it possible to autocatch pokemons on multiple bots like PokeTwo, PokeRealm, etc.
Python
336
star
2

HyperAI

A python chatbot that uses cleverbot.io's API.Made for chatting with CharlesTheAI.
Python
30
star
3

StocksALot

StocksALot is a cutting edge PoC for Stock Market Analysis employing OpenAI's GPT LLMs for insight inference.
Python
9
star
4

PokeGambler

The PokeGambler Discord Bot uses pokemon themed playing cards for a fun gambling match. It has a dedicated currency, profile system and other minigames. Earned pokechips can be cross-traded.
Python
6
star
5

vssticky

Attach sticky notes on your files, from inside VS Code.
TypeScript
5
star
6

The-HyperBot

The multipurpose HyperBot for Discord. Follows a futuristic theme called HyperRealm. HyperRPG is the secondary major feature currently in development.
Python
3
star
7

playfair-cipher

Simple python code implemented Playfair cipher.
Python
2
star
8

HasuraBot

The HasuraBot for HasuraHQ discord server.
Python
2
star
9

Material-Chatroom.io

Just a simple live chat made using React, Material-UI and Socket.IO
JavaScript
1
star
10

WorldSim

A world simulation model that will be used to simulate the outcome of human actions on the world.
Python
1
star
11

Memeshot

Grab screenshots from videos based on a search word in subtitles. You can use it get images from videos to create dope memes.
Python
1
star
12

electon

A voting based social media app made as a part of HPDF, Hasura.
JavaScript
1
star
13

GoGoAnime-Spider

A simple python script to fetch the batch download links to your favorite anime from GoGoAnime. It fetches the download ready links, into a text file, which you can paste into downloaders like FDM.
Python
1
star
14

PyMuBot

A twiiter bot written in python which fetches details for a song requested by user. It exracts the song and artist names using NLP.
Python
1
star
15

ShowBot

ShowBot is a Discord python bot that fetches you the theatres and showtimes for a movie of your choice, in your city, for a given date, interactively. Integrate it with your Discord server in under five minutes. It works using the ShowTimes API written by Hyper. This is a RESTful API that fetches the showtimes and returns it as a json. It is written in Python Flask and hosted over an Nginx server through Gunicorn.
Python
1
star
16

HPDF-Task-1-Twitter-Clone-Demo

Cloned Twitter's searchpage and homepage ui with material design.
JavaScript
1
star