WARNING: This tool is for educational purposes only. It should only be used in controlled, authorized environments.
This repository contains j0lt, a command-line tool designed to demonstrate the mechanics and impact of DNS amplification attacks—a common type of Distributed Denial of Service (DDoS) attack. It is intended for educational purposes within cybersecurity labs to prevent real-world harm.
- Enables IP Spoofing: Specifies a source IP to simulate attacks from different origins.
- Targets Specific Ports: Demonstrates exploitation of UDP-based services.
- Controls Attack Magnitude: Tests system resilience against various loads.
- Debug Mode: Offers detailed packet content outputs for educational purposes.
- Hex Dump: Provides optional hex dumps of packet headers for analysis.
- No Resolv List Mode: Allows use of a pre-existing DNS server list instead of downloading a new one.
The use of j0lt for any unauthorized DDoS attacks is illegal and unethical. Ensure you have explicit permission from network administrators.
$ sudo ./j0lt -t <target> -p <port> -m <magnitude>
$ gcc j0lt.c -o j0lt
$ sudo ./j0lt -t 127.0.0.1 -p 80 -m 1337[-x]will print a hexdump of the packet headers[-d]puts j0lt into debug mode, no packets are sent[-r list]will not fetch a resolv list, if one is provided.
DNS amplification attacks involve attackers using open DNS servers to flood a target with DNS response traffic. This is achieved by spoofing the target's address in DNS lookup requests, causing the server's response to overwhelm the target.