HellRush is a powerful DDoS simulation toolkit designed for network security testing and educational purposes. It provides multiple attack vectors and a built-in domain resolver with port scanning capabilities, making it a comprehensive tool for penetration testers and security researchers to simulate various network attacks in controlled environments.
This tool is developed STRICTLY for EDUCATIONAL PURPOSES and AUTHORIZED SECURITY TESTING only.
- DO NOT use this tool against any system without EXPLICIT permission.
- Unauthorized DDoS attacks are ILLEGAL and can result in severe legal consequences.
- The author (@medjahdi) is NOT responsible for any misuse or damage caused by this tool.
HellRush consists of two main components:
- Multiple attack vectors (UDP, SYN, ICMP, HTTP, DNS, Slowloris)
- Customizable attack parameters (duration, packet size, port)
- Real-time attack animation
- Command-line interface with comprehensive help
- DNS resolution to convert domain names to IP addresses
- Automatic scanning for common open ports
- Detailed scan summary
- Support for domains with multiple IP addresses
- Python 3.x
- Required Python libraries: socket, argparse, threading, random, time, sys, itertools
- Clone the repository:
git clone https://github.com/medjahdi/HellRush.git
cd HellRush- Make sure you have Python 3 installed:
python --version- No additional packages need to be installed as the tool uses only standard Python libraries.
To display the help information, use the -h or --help option:
python hR.py -h
The help command provides detailed information about all available options:
usage: hR.py [-h] -t TARGET -a {udp,syn,icmp,http,dns,slowloris} [-p PORT] [-s SIZE] [-d DURATION]
HellRush: DDoS Simulation Tool for Lab Testing
Arguments:
-t, --target Target IP address to attack (required)
-a, --attack Attack type (required). Options:
udp - UDP Flood: sends random UDP packets to target port.
syn - SYN Flood: sends TCP SYN packets to exhaust resources.
icmp - ICMP Flood: sends ICMP echo requests (ping flood).
http - HTTP Flood: sends HTTP GET requests to web server.
dns - DNS Amplification: sends DNS queries to amplify traffic.
slowloris - Slowloris: sends incomplete HTTP requests to exhaust connections.
-p, --port Target port (default: 80)
-s, --size Packet size in bytes or rate (default: 1024)
-d, --duration Duration of attack in seconds (default: 30)
Note: run: [ python resolver.py -d DOMAIN.COM ] to know the IP/Open ports for your target
-
-t, --target TARGET: (REQUIRED) Specifies the target IP address for the attack. This is a mandatory parameter and must be a valid IP address.
-
-a, --attack {udp,syn,icmp,http,dns,slowloris}: (REQUIRED) Specifies the attack type to use. You must select one of the following attack methods:
udp: UDP Flood - Sends random UDP packets to overwhelm the target portsyn: SYN Flood - Sends TCP SYN packets to exhaust server connection resourcesicmp: ICMP Flood - Sends ICMP echo requests (ping flood)http: HTTP Flood - Sends HTTP GET requests to overload web serversdns: DNS Amplification - Sends DNS queries to amplify trafficslowloris: Slowloris Attack - Sends incomplete HTTP requests to exhaust connections
-
-p, --port PORT: (OPTIONAL) Specifies the target port number to attack. If not provided, the default port 80 will be used.
-
-s, --size SIZE: (OPTIONAL) Defines the packet size in bytes. The default is 1024 bytes. Larger packet sizes can potentially cause more impact but may also be more easily detected.
-
-d, --duration DURATION: (OPTIONAL) Sets the duration of the attack in seconds. The default is 30 seconds.
Before launching an attack, it's recommended to identify your target's IP address and open ports:
python resolver.py -d example.comThis will:
- Resolve the domain to its IP address(es)
- Scan for open ports on common services
- Provide a scan summary
After identifying your target (for authorized testing only), you can use one of the available attack methods:
python hR.py -t [TARGET_IP] -a [ATTACK_TYPE] -p [PORT] -s [PACKET_SIZE] -d [DURATION]UDP Flood attack for 60 seconds:
python hR.py -t 192.168.1.100 -a udp -p 80 -d 60HTTP Flood attack with 2048-byte packets:
python hR.py -t 192.168.1.100 -a http -p 80 -s 2048 -d 45SYN Flood attack on custom port for 20 seconds:
python hR.py -t 192.168.1.100 -a syn -p 443 -d 20-
UDP Flood: Sends a large number of UDP packets to overwhelm the target's ability to process and respond to the traffic.
-
SYN Flood: Exploits the TCP handshake process by sending numerous SYN packets without completing the handshake, exhausting the target's connection resources.
-
ICMP Flood: Bombards the target with ICMP echo request packets (ping), causing the target to be overwhelmed with echo replies.
-
HTTP Flood: Sends legitimate HTTP GET or POST requests to attack the web server, consuming server resources.
-
DNS Amplification: Sends DNS queries with a spoofed source address (the victim's IP) to DNS servers, which then send their responses to the victim.
-
Slowloris: Slowly and partially completes HTTP requests, keeping connections open for as long as possible to exhaust the web server's connection pool.
- The tool is written in pure Python and uses standard libraries for network operations
- ICMP flood attacks require root/administrator privileges due to the use of raw sockets
- Real-time attack visualization is provided through terminal animations
- Both IPv4 and IPv6 targets are supported
Developed by @medjahdi
This project is provided for educational purposes only. Use responsibly and ethically.