BoNeSi - the DDoS Botnet Simulator - GitHub

BoNeSi is a network traffic generator for different protocol types. The attributes of the created packets and connections can be controlled by several ... Skiptocontent {{message}} Markus-Go / bonesi Public Notifications Fork 184 Star 518 BoNeSi-theDDoSBotnetSimulator Apache-2.0License 518 stars 184 forks Star Notifications Code Issues 14 Pullrequests 0 Actions Projects 0 Security Insights More Code Issues Pullrequests Actions Projects Security Insights Thiscommitdoesnotbelongtoanybranchonthisrepository,andmaybelongtoaforkoutsideoftherepository. master Branches Tags Couldnotloadbranches Nothingtoshow {{refName}} default Couldnotloadtags Nothingtoshow {{refName}} default 1 branch 5 tags Code Latestcommit Markus-Go Fixedissue#32-updatetoautomake1.15 … 5fbdc60 Dec1,2018 Fixedissue#32-updatetoautomake1.15 5fbdc60 Gitstats 13 commits Files Permalink Failedtoloadlatestcommitinformation. Type Name Latestcommitmessage Committime man Fixedissue#32-updatetoautomake1.15 Dec1,2018 src Fixedissue#32-updatetoautomake1.15 Dec1,2018 50k-bots InitialGoogleCodeRelease0.1 May13,2008 LICENSE InitialGoogleCodeRelease0.1 May13,2008 Makefile.am InitialGoogleCodeRelease0.1 May13,2008 Makefile.in Fixedissue#32-updatetoautomake1.15 Dec1,2018 README.md Addedlicese,copyright Apr16,2015 aclocal.m4 Fixedissue#32-updatetoautomake1.15 Dec1,2018 browserlist.txt InitialGoogleCodeRelease0.1 May13,2008 config.guess InitialGoogleCodeRelease0.1 May13,2008 config.h.in Fixedissue#25andswitchedtoautomake1.14.1andautoconf2.69. Jan26,2016 config.sub InitialGoogleCodeRelease0.1 May13,2008 configure Fixedissue#32-updatetoautomake1.15 Dec1,2018 configure.ac Fixedissue#25andswitchedtoautomake1.14.1andautoconf2.69. Jan26,2016 depcomp InitialGoogleCodeRelease0.1 May13,2008 install-sh InitialGoogleCodeRelease0.1 May13,2008 missing InitialGoogleCodeRelease0.1 May13,2008 mkinstalldirs InitialGoogleCodeRelease0.1 May13,2008 urllist.txt InitialGoogleCodeRelease0.1 May13,2008 Viewcode BoNeSi DetailedInformation Installation Usage AdditionallyIncludedExampleFiles Copyright/License/Credits README.md BoNeSi BoNeSi,theDDoSBotnetSimulatorisaTooltosimulateBotnetTrafficinatestbedenvironmentonthewire.ItisdesignedtostudytheeffectofDDoSattacks. Whattrafficcanbegenerated? BoNeSigeneratesICMP,UDPandTCP(HTTP)floodingattacksfromadefinedbotnetsize(differentIPaddresses).BoNeSiishighlyconfigurableandrates,datavolume,sourceIPaddresses,URLsandotherparameterscanbeconfigured. Whatmakesitdifferentfromothertools? ThereareplentyofothertoolsouttheretospoofIPaddresseswithUDPandICMP,butforTCPspoofing,thereisnosolution.BoNeSiisthefirsttooltosimulateHTTP-GETfloodsfromlarge-scalebotnetworks.BoNeSialsotriestoavoidtogeneratepacketswitheasyidentifiablepatterns(whichcanbefilteredouteasily). WherecanIrunBoNeSi? WehighlyrecommendtorunBoNeSiinaclosedtestbedenvironment.However,UDPandICMPattackscouldberunintheinternetaswell,butyoushouldbecarefull.HTTP-Floodingattackscannotbesimulatedintheinternet,becauseanswersfromthewebservermustberoutedbacktothehostrunningBoNeSi. HowdoesTCPSpoofingwork? BoNeSisniffsforTCPpacketsonthenetworkinterfaceandrespondstoallpacketsinordertoestablishTCPconnections.Forthisfeature,itisnecessary,thatalltrafficfromthetargetwebserverisroutedbacktothehostrunningBoNeSi HowgoodistheperfomanceofBoNeSi? Wefocusedverymuchonperformanceinordertosimulatebigbotnets.OnanAMDOpteronwith2Ghzwewereabletogenerateupto150,000packetspersecond.OnamorerecentAMDPhenomIIX61100Twith3.3Ghzyoucangenerate300,000pps(runningon2cores). AreBoNeSiattackssuccessful? Yes,theyareverysuccessful.UDP/ICMPattackscaneasilyfillthebandwidthandHTTP-Floodingattacksknockoutwebserversfast.WealsotestedBoNeSiagainststate-of-the-artcommercialDDoSmitigationsystemsandwhereabletoeithercrashthemorhidingtheattackfrombeingdetected. AdemovideoofBoNeSiinactioncanbefoundhere. DetailedInformation BoNeSiisanetworktrafficgeneratorfordifferentprotocoltypes. Theattributesofthecreatedpacketsandconnectionscanbecontrolledby severalparameterslikesendrateorpayloadsizeortheyaredeterminedbychance. Itspoofsthesourceipaddressesevenwhengeneratingtcptraffic.Thereforit includesasimpletcp-stacktohandletcpconnectionsinpromiscuousmode. Forcorrectwork,onehastoensurethattheresponsepacketsareroutedtothe hostatwhichBoNeSiisrunning.ThereforeBoNeSicannotusedinarbitrary networkinfrastructures. Themostadvancedkindoftrafficthatcanbegeneratedarehttprequests. TCP/HTTP Inordertomakethehttprequestsmorerealistic,severalthingsaredetermined bychance: sourceport ttl:3..255 tcpoptions:outofsevendifferentreallifeoptions withdifferentlengthsandprobabilities useragentforhttpheader:outofabyfilegivenlist (anexamplefileisincluded,seebelow) Copyright2006-2007DeutschesForschungszentrumfuerKuenstlicheIntelligenz Thisisfreesoftware.LicensedundertheApacheLicense,Version2.0. ThereisNOWARRANTY,totheextentpermittedbylaw. Installation :~$./configure :~$make :~$makeinstall Usage :~$bonesi[OPTION...] Options: -i,--ips=FILENAMEfilenamewithiplist -p,--protocol=PROTOudp(default),icmportcp -r,--send_rate=NUMpacketspersecond,0=infinite(default) -s,--payload_size=SIZEsizeofthepaylod,(default:32) -o,--stats_file=FILENAMEfilenameforthestatistics,(default:'stats') -c,--max_packets=NUMmaximumnumberofpackets(requestsattcp/http),0=infinite(default) --integerIPsareintegersinhostbyteorderinsteadofindottednotation -t,--max_bots=NUMdeterminemax_botsinthe24bitprefixrandomly(1-256) -u,--url=URLtheurl(default:'/')(onlyfortcp/http) -l,--url_list=FILENAMEfilenamewithurllist(onlyfortcp/http) -b,--useragent_list=FILENAMEfilenamewithuseragentlist(onlyfortcp/http) -d,--device=DEVICEnetworklisteningdevice(onlyfortcp/http,e.g.eth1) -m,--mtu=NUMsetMTU,(default1500).CurrentlyonlywhenusingTCP. -f,--frag=NUMsetfragmentationmode(0=IP,1=TCP,default:0).CurrentlyonlywhenusingTCP. -v,--verboseprintadditionaldebugmessages -h,--helpprinthelpmessageandexit AdditionallyIncludedExampleFiles 50k-bots 50,000ipaddressesgeneratedrandomlytousewith--ipsoption browserlist.txt severalbrowseridentificationstousewith--useragentlistoption urllist.txt severalurlstousewith--urllistoption Copyright/License/Credits Copyright2006-2007DeutschesForschungszentrumfuerKuenstlicheIntelligenz Copyright2008-2015MarkusGoldstein Thisisfreesoftware.LicensedundertheApacheLicense,Version2.0. ThereisNOWARRANTY,totheextentpermittedbylaw. About BoNeSi-theDDoSBotnetSimulator Resources Readme License Apache-2.0License Stars 518 stars Watchers 40 watching Forks 184 forks Releases 5 v0.3.1 Latest Dec1,2018 +4releases Packages0 Nopackagespublished Languages C 37.7% Makefile 33.5% Shell 25.0% Objective-C 3.1% M4 0.7% Youcan’tperformthatactionatthistime. Yousignedinwithanothertaborwindow.Reloadtorefreshyoursession. Yousignedoutinanothertaborwindow.Reloadtorefreshyoursession.