Slowloris is basically an HTTP Denial of Service attack that affects threaded servers. It works like this:
- We start making lots of HTTP requests.
- We send headers periodically (every ~15 seconds) to keep the connections open.
- We never close the connection unless the server does so. If the server closes a connection, we create a new one keep doing the same thing.
How to install and run?
You can clone the git repo or install using pip . Here's how you run it.
-
sudo pip3 install slowloris
-
slowloris example.com
If you want to clone using git instead of pip, here's how you do it.
-
git clone https://github.com/gkbrk/slowloris.git
-
cd slowloris
-
python3 slowloris.py example.com
Configuration options
It is possible to modify the behaviour of slowloris with command-line arguments.