Inundator

Inundator是一个多线程,队列驱动的,匿名的入侵检测误报发电机对多个目标的支持。

资料来源:http://inundator.sourceforge.net/
Inundator 首页
Inundator 源代码版本库

包含在inundator包工具

inundator - 多线程的IDS误报发生器
:~# inundator -h
help


inundator - fills ids/ips/waf logs with false positives to obfuscate an attack.
Syntax: /usr/bin/inundator [options] <target>


Options:

    -a, --auth          Credentials for SOCKS proxy in user:pass format.
                        Default: undef

    -d, --delay         Delay in microseconds (millionths of a second) after
            sending an attack.
                        Default: 0mus since we default to tor, and tor is slow.

    -n, --no-threads    Disable thread support.
            Default: threads are used.

    -p, --proxy         Define the SOCKS proxy to use for attacks in host:port
                        format. The use of a SOCKS proxy is mandatory for rather
                        obvious reasons.
                        Default: localhost:9050 (tor)

    -r, --rules         Path to directory containing Snort rules files.
                        Default: /etc/snort/rules/

    -s, --socks-version Specify SOCKS version to use (4 or 5).
                        Default: 5

    -t, --threads       Number of concurrent threads.
                        Default: 25

    -u, --use-comments  Don't ignore commented lines in Snort rules files.
                        Default: commented lines are ignored

    --verbose           Provide more information about attacks sent.

    --Version       Print version information and exit.


Target:

    - Single host (FQDN or ip addr)

    - Range of ip addrs

    - Subnet in CIDR format

See 'man 1 inundator' for more information.

inundator用法示例

使用5个线程(-t 5)充斥目标系统(192.168.1.1):

:~# inundator -t 5 192.168.1.1
[+] queuing up attacks...
[+] queuing up target(s)...
[+] detecting open ports on 192.168.1.1...
[+] child 1 now attacking.