Skip to content
PHP denial of service / stress test for Web Servers running PHP-FPM or PHP-CGI
Branch: master
Clone or download
vinnytroia adding license
Signed-off-by: Vinny Troia <>
Latest commit f987a7e May 17, 2014
Type Name Latest commit message Commit time
Failed to load latest commit information. readme May 3, 2014


Night Lion Security proof of concept denial of service / stress tester for PHP websites running with Apache and NGINX systems (PHP-FPM and PHP-CGI)

Using a standard cable/DSL connection, this attack can flood a Linux web server’s CPU and RAM using standard HTTP requests. This attack effects Apache or NGINX web servers that handle dynamic PHP content using either PHP-CGI or PHP-FPM (which includes WordPress websites). In addition, the requests made by the attack (or default) web server configurations will continue to keep the server’s resources in use far past the end of the attack.

To execute the attack, set your target URL and time delay parameters and the script will do the rest.

For more information, visit:

You can’t perform that action at this time.