Scripts
| broadcast-avahi-dos |
Attempts to discover hosts in the local network using the DNS Service Discovery protocol and sends a NULL UDP packet to each host to test if it is vulnerable to the Avahi NULL UDP packet denial of service (CVE-2011-1002). |
| http-slowloris |
Tests a web server for vulnerability to the Slowloris DoS attack by launching a Slowloris attack. |
| ipv6-ra-flood |
Generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement. This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests. |
| smb-check-vulns |
Checks for vulnerabilities:
|
| smb-flood |
Exhausts a remote SMB server's connection limit by by opening as many connections as we can. Most implementations of SMB have a hard global limit of 11 connections for user accounts and 10 connections for anonymous. Once that limit is reached, further connections are denied. This script exploits that limit by taking up all the connections and holding them. |
| smb-vuln-ms10-054 |
Tests whether target machines are vulnerable to the ms10-054 SMB remote memory corruption vulnerability. |