🔥 ─ Modular DDoS Testing Toolkit.md
devilZEROis a cutting-edge, modular DDoS testing toolkit engineered for authorized security assessments and ethical penetration testing. It provides a robust suite of attack vectors to simulate Distributed Denial of Service scenarios across various layers, helping security professionals identify and mitigate vulnerabilities in their infrastructure.
Key Capabilities:
- Layer 4 Attacks: Comprehensive support for TCP, UDP, SYN, ICMP, Minecraft, VSE, and TS3/FiveM floods.
- Layer 7 Attacks: Advanced HTTP/HTTPS floods, including Cloudflare bypass (CFB/CFBUAM), session-based requests, dynamic host randomization, and WordPress XMLRPC amplification.
- Amplification Vectors: Exploits DNS, NTP, RDP, CLDAP, MEM, CHAR, and ARD for powerful reflection attacks.
- Utilities & Analytics: Real-time packet/byte counters, IP geolocation, proxy management, and color-coded terminal output for enhanced situational awareness.
| Category | Attack Vector | Description | Key Options |
|---|---|---|---|
| 🎯 Layer 4 | TCP Flood |
Connect flood with random payloads | target, port, threads |
UDP Flood |
High-rate UDP packet injection | target, port, threads, size |
|
SYN Flood |
Raw TCP SYN packet storm (requires root) | target, port, threads |
|
ICMP Flood |
Ping flood (requires root) | target, threads |
|
Minecraft |
Server ping spam with handshake | target, port |
|
MCBOT |
Automated bot login and chat flood | target, port, bots |
|
VSE / TS3 / FiveM |
Game server query attacks | target, port |
|
| 🌐 Layer 7 | GET / POST |
Configurable HTTP/HTTPS request floods | target, threads, method |
CFB / CFBUAM |
Cloudflare-resistant methods | target, threads |
|
BYPASS |
Session-based requests | target, threads |
|
STRESS |
High-payload JSON POST | target, threads, data |
|
SLOW |
Slow-rate connection keep-alive (Slowloris) | target, threads |
|
DYN |
Dynamic host header randomization | target, threads |
|
TOR |
.onion via tor2web gateways | target, threads |
|
XMLRPC |
WordPress pingback amplification | target, threads |
|
BOT |
Crawler emulation (robots.txt + sitemap) | target, threads |
|
| 💥 Amplification | DNS / NTP / RDP |
Reflection attacks with reflectors | target, reflector_list |
CLDAP / MEM / CHAR |
Legacy protocol amplification | target, reflector_list |
|
ARD |
Apple Remote Desktop flood | target, reflector_list |
|
| 🛠️ Utilities | Ping |
ICMP reachability check | host |
IP Info |
Geolocation and ISP lookup | ip_address |
|
Proxy Management |
Auto-download and validation from public lists | fetch, validate |
|
| 📊 Stats | PPS / BPS |
Real-time packet/byte counters | N/A |
Color Output |
Severity-coded terminal logs | N/A |
devilZERO is designed for ease of deployment across various Linux distributions, with a strong recommendation for security-focused environments like Kali Linux, Parrot OS, or Ubuntu.
- Python 3.8+
pip(Python package installer)- (Optional) Docker: For containerized deployment and isolation.
Using a Python virtual environment is the most secure and recommended approach, especially on systems with externally-managed-environment policies (e.g., Kali Linux). This prevents conflicts with system-wide Python packages.
# Clone the repository
git clone https://github.com/wavegxz-design/devilZERO.git
cd devilZERO
# Create and activate a virtual environment
python3 -m venv venv
source venv/bin/activate
# Install dependencies
pip install -r requirements.txt
pip install -e .
# Run devilZERO
devilzeroFor maximum isolation and portability, devilZERO can be run within a Docker container. This ensures all dependencies are self-contained and avoids system-level modifications.
# Clone the repository
git clone https://github.com/wavegxz-design/devilZERO.git
cd devilZERO
# Build the Docker image
docker build -t devilzero .
# Run devilZERO in a container
docker run -it devilzerodevilZERO offers both an interactive menu and direct CLI execution for its modules. After installation, simply run the devilzero command.
┌─[krypthane@redteam]─[~]
└──╼ $ devilzero
██████╗ ███████╗██╗ ██╗██╗ ██╗ ███████╗ ██████╗ ██████╗
██╔══██╗██╔════╝██║ ██║██║ ██║ ██╔════╝██╔═══██╗██╔══██╗
██║ ██║█████╗ ██║ ██║██║ ██║ █████╗ ██║ ██║██████╔╝
██║ ██║██╔══╝ ██║ ██║██║ ██║ ██╔══╝ ██║ ██║██╔══██╗
██████╔╝███████╗╚██████╔╝███████╗███████╗███████╗╚██████╔╝██║ ██║
╚═════╝ ╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝
devilZERO v1.0.0 — Modular DDoS Testing Toolkit
by krypthane (wavegxz-design) — Ethical Hacking Only
1. Layer 4 Attacks
2. Layer 7 Attacks
3. Amplification Attacks
4. Utilities
5. Proxy Management
6. Exit
Select an option: _┌─[krypthane@redteam]─[~]
└──╼ $ devilzero layer4 syn --target 192.168.1.1 --port 80 --threads 100
[INFO] Starting SYN Flood on 192.168.1.1:80 with 100 threads...
[ATTACK] Sending SYN packet to 192.168.1.1:80 (Thread 1)
[ATTACK] Sending SYN packet to 192.168.1.1:80 (Thread 2)
...
[STATS] PPS: 1250 | BPS: 60000
[STATUS] Attack in progress. Press Ctrl+C to stop.- Advanced Evasion Techniques: Implement more sophisticated methods to bypass WAFs and anti-DDoS solutions.
- Distributed Architecture: Support for multi-node attacks and botnet simulation (for authorized testing).
- Reporting & Logging: Enhanced logging capabilities and automated report generation.
- GUI Interface: Development of an optional graphical user interface for easier interaction.
devilZERO is developed and maintained by krypthane (wavegxz-design), a Red Team Operator and Open Source Developer focused on ethical security research and tool development.
