goldeneye.py

Launch denial-of-service attack (HTTP flood)

TLDR

Test a specific website

$ ./goldeneye.py [url]

Test a specific website with 100 user agents and 200 concurrent sockets

$ ./goldeneye.py [url] --useragents 100 --sockets 200

Test a specific website without verifying the SSL certificate

$ ./goldeneye.py [url] --nosslcheck

Test a specific website in debug mode

$ ./goldeneye.py [url] --debug

Display help

$ ./goldeneye.py --help

python goldeneye.py <target_url> [options]

Examples:

Perform a basic HTTP flood on example.com with 10 workers:
python goldeneye.py http://example.com -w 10

Conduct an HTTPS flood for 300 seconds using 500 sockets per worker:
python goldeneye.py https://secure.example.com -s 500 -d 300 --ssl

PARAMETERS

<target_url>
    The URL of the target web server to attack (e.g., http://example.com/).

-w, --workers <num>
    Sets the number of concurrent workers (threads) to use for the attack. Default is usually 50.

-s, --sockets <num>
    Specifies the number of sockets each worker should create. Default is typically 70.

-m, --method <method>
    Defines the HTTP method to use for requests (e.g., GET, POST, HEAD). Default is GET.

-d, --duration <seconds>
    Sets the duration of the attack in seconds. The attack will stop automatically after this period.

-u, --user-agents <file>
    Path to a file containing a list of custom user agents to be used, one per line. If not specified, default randomized user agents are used.

-r, --referers <file>
    Path to a file containing a list of custom referer URLs, one per line. Default is randomized.

-p, --proxy <proxy_url>
    Specifies a proxy server to route traffic through (e.g., http://proxy.com:8080). Can be used for anonymity.

--data <file>
    Path to a file containing data to be sent with POST requests. Required if -m POST is used.

--headers <file>
    Path to a file containing custom HTTP headers to include in requests, one header per line (e.g., 'X-Custom-Header: value').

--ssl
    Forces the use of HTTPS (SSL/TLS) for requests, even if the target URL is HTTP.

--random-param
    Appends a random parameter to the URL, helping to bypass caching mechanisms.

--disable-logging
    Disables console output during the attack.

--help
    Displays the help message and exits.

DESCRIPTION

GoldenEye is a Python-based HTTP/HTTPS flood tool designed to perform Denial-of-Service (DoS) attacks on web servers. It operates by generating a large volume of concurrent HTTP/HTTPS requests, often leveraging unique user agents and varying HTTP methods, to overwhelm the target server's resources. The tool aims to exhaust server capacity by keeping connections open and continuously requesting resources, making the target unavailable to legitimate users. It's often used in penetration testing environments to assess web server resilience, though its use for malicious purposes is illegal and unethical.

CAVEATS

GoldenEye is a DoS attack tool. Using it against any system or network without explicit, written permission from the owner is illegal and can lead to severe legal consequences, including fines and imprisonment. This analysis is for educational and informational purposes only. Do not use this tool for malicious activities.

ETHICAL AND LEGAL DISCLAIMER

The information provided about 'goldeneye.py' is strictly for educational, research, and cybersecurity awareness purposes. Unauthorized access to or attacks against computer systems and networks are illegal and punishable by law. Users are solely responsible for their actions and must ensure they comply with all applicable laws and regulations. Never deploy tools like GoldenEye without explicit authorization.

OPERATION PRINCIPLES

GoldenEye works by simulating a high volume of legitimate-looking web traffic. It attempts to maintain persistent connections to the target server, constantly sending partial or complete HTTP requests to consume server resources like CPU, memory, and network bandwidth. By continuously refreshing connections and varying request parameters (like user agents and referers), it tries to evade simple blocking rules and cache invalidation, thus maximizing the impact on the target.

HISTORY

GoldenEye emerged as a popular open-source Python script for HTTP/HTTPS flood attacks, particularly noted for its simplicity and effectiveness. It gained traction among penetration testers and security enthusiasts for its ability to simulate DoS conditions, and unfortunately, also among malicious actors for actual attacks. Its development reflects the ongoing cat-and-mouse game between DoS tool developers and defensive measures, often being updated to bypass common mitigations like caching and rate limiting.