Dns Server Stress Test Tool

Posted on  by

LoadView lets you start stress-testing your site for free by giving away $20 in credits you can use for on-demand testing. This amount allows for a couple of tests with default parameters. If you like the service, you can keep using it on-demand, paying for each test, or signing for a monthly or annual subscription.

  • DNS and traffic management solution provider NS1 has announced the open source release of its Flamethrower tool for testing, benchmarking, and stress testing DNS servers and networks. Flamethrower supports IPv4, IPv6, UDP, TCP, and DNS over TLS. It also offers experimental support for DNS over QUIC.
  • SQLQueryStress is a simple, lightweight performance testing tool, designed to load test individual queries. It includes support for randomization of input parameters in order to test cache repeatability, and includes basic capabilities for reporting on consumed server resources.

NEW YORK--(BUSINESS WIRE)--Apr 25, 2019--NS1, the leader in next-generation DNS and traffic management solutions, today announced the availability of Flamethrower, a lightweight, configurable open source tool for functional testing, benchmarking, and stress testing DNS servers and networks. Flamethrower is available on GitHub.

As the first stop for all application traffic, DNS performance and resiliency are critical to modern application delivery. The need for monitoring and testing DNS capabilities has grown in importance, but while building its new DNS servers, NS1 found existing tools didn’t allow for realistic traffic patterns and real-world testing environments.

“Like many popular open source tools, Flamethrower was created to address a need we had internally at NS1,” said Shannon Weyrick, vice president of architecture at NS1. “Our engineering team required a versatile tool for DNS server development and load testing, but existing solutions didn’t have the features we needed, which limited our ability to perform realistic tests. We built Flamethrower to enable complex testing for DNS performance and functionality so that traffic teams can gain a better understanding of the impact of potential changes to applications and infrastructure in actual production situations.”

Flamethrower supports IPv4, IPv6, UDP, TCP, DNS over TLS, as well as experimental support for DNS over QUIC. It has a modular system for generating the queries used in the tests, allowing for rich and realistic test scenarios that can plug into automation pipelines. It simulates multiple concurrent clients and generates actionable metrics, including send and receive counts, timeouts, errors and data on minimum, maximum and average latency. The metric output format is suitable for ingestion into databases, such as Elastic, for further processing or visualization.

Early testers within the open source community, including Sara Dickinson of Sinodun IT, have offered positive feedback about the new tool.

“We are delighted to see an open source effort on a new DNS performance tool, and especially because Flamethrower was designed from the ground up to support multiple transport protocols for DNS rather than being UDP centric,” Dickinson said. “The recent rapid development of new transports for DNS makes Flamethrower a valuable tool for implementors and operators to evaluate the latest DNS software.”

Flamethrower can adjust its queries per second flow over time, which is useful for generating a “signal” of traffic (e.g., a square wave) for calibrating time series metrics collection. It can also be used to mimic the surges in traffic an organization might see during a DDoS attack or stress test systems for failover, making it an ideal tool for wargaming and chaos engineering.

Casey Rosenthal, a renowned author, chaos engineering expert, and former engineering manager for the Traffic and Chaos Teams at Netflix, said Flamethrower’s ability to replicate realist traffic patterns provides substantial value to traffic teams.

“I wish this tool had been available when I managed traffic teams; we could have used this to validate our methodologies for regional failover,” said Rosenthal, who now serves as CEO and co-founder for Verica.io.

Flamethrower can be built from source, and is available via several OS packaging systems and on Docker Hub. As it’s an open source project, community contributions are welcome and encouraged. The source code is hosted on GitHub alongside other DNS-related tools at the DNS-OARC (Operations, Analysis, and Research Center) community. Visit the NS1 Blog for a more detailed review of the Flamethrower tool.

About NS1

NS1 is the leader in next-generation DNS and traffic management solutions that orchestrate the delivery of the world’s most critical internet and enterprise applications. Only NS1’s purpose-built platform, which is built on a modern API-first architecture, transforms DNS into an intelligent, efficient and automated system, driving dramatic gains in reliability, resiliency, security and performance of application delivery infrastructure. Many of the highest-trafficked sites and largest global enterprises trust NS1, including Salesforce, LinkedIn, Dropbox, Nielsen, Squarespace, Pandora and The Guardian. Visit www.ns1.com to learn more.

View source version on businesswire.com:https://www.businesswire.com/news/home/20190425005297/en/

CONTACT: Jennifer Tanner

Look Left Marketing

Dns Server Stress Test Tool Chest

jtanner@lookleftforgrowth.com

Direct: 229-934-3004

KEYWORD: UNITED STATES NORTH AMERICA NEW YORK

INDUSTRY KEYWORD: TECHNOLOGY DATA MANAGEMENT INTERNET NETWORKS SOFTWARE SECURITY

SOURCE: NS1

Copyright Business Wire 2019.

PUB: 04/25/2019 09:00 AM/DISC: 04/25/2019 09:01 AM

http://www.businesswire.com/news/home/20190425005297/en

One of the best things about Kali is the fact that it doesn’t require you to install the OS in your hard drive — it uses a live image that can be loaded in your RAM memory to test your security skills with the more than 600 ethical hacking tools it provides.

It includes numerous security-hacker tools for information gathering, vulnerability analysis, wireless attacks, web applications, exploitation tools, stress testing, forensic tools, sniffing and spoofing, password cracking, reverse engineering, hardware hacking and much more.

We’ve previously explored the Top 20 OSINT Tools available, and today we’ll go through the list of top-used Kali Linux software. Let’s begin!

The 25 most popular Kali Linux tools

For ease of reference, we’ll divide the most-used software of Kali Linux into five distinct categories: information gathering, vulnerability scanning, wireless analysis tools, password crackers, exploitation tools and stress testing.

1. Nmap

Nmap is the world’s most famous network mapper tool. It allows you to discover active hosts within any network, and acquire other information (such as open ports) relevant to penetration testing.

Main features:

  • Host discovery: useful for identifying hosts in any network
  • Port scanning: lets you enumerate open ports on the local or remote host
  • OS detection: useful for fetching operating system and hardware information about any connected device
  • App version detection: allows you to determine application name and version number
  • Scriptable interaction: extends Nmap default capabilities by using Nmap Scripting Engine (NSE)

Ready to unleash the power of Nmap? Check out our list of Top 15 Nmap Commands.

2. Netcat

Netcat is a network exploration application that is not only popular among those in the security industry, but also in the network and system administration fields.

While it’s primarily used for outbound/inbound network checking and port exploration, it’s also valuable when used in conjunction with programming languages like Perl or C, or with bash scripts.

Netcat’s main features include:

  • TCP and UDP port analysis
  • Inbound and outbound network sniffing
  • Reverse and forward DNS analysis
  • Scan local and remote ports
  • Fully integrated with terminal standard input
  • UDP and TCP tunnelling mode

3. Unicornscan

Licensed under the GPL license, Unicornscan is one of the best infosec tools used for information gathering and data correlation. It offers advanced asynchronous TCP and UDP scanning features along with very useful network discovery patterns that will help you to find remote hosts. It can also reveal details about the software running by each one of them.

Main features include:

  • TCP asynchronous scan
  • Asynchronous UDP scan
  • Asynchronous TCP banner detection
  • OS, application and system service detection
  • Ability to use custom data sets
  • Support for SQL relational output

4. Fierce

Fierce is a great tool for network mapping and port scanning. It can be used to discover non-contiguous IP space and hostnames across networks.

It’s similar to Nmap and Unicornscan, but unlike those, Fierce is mostly used for specific corporate networks.

Once the penetration tester has defined the target network, Fierce will run several tests against the selected domains to retrieve valuable information that can be used for later analysis and exploitation.

Its features include:

  • Ability to change DNS server for reverse lookups
  • Internal and external IP ranges scanning
  • IP range and entire Class C scanning
  • Logs capabilities into a system file
  • Name Servers discovery and Zone Transfer attack
  • Brute force capabilities using built-in or custom text list

5. OpenVAS

OpenVAS (Open Vulnerability Assessment System) was developed by part of the team responsible for the famous Nessus vulnerability scanner. Licensed under the GLP license, it’s free software that anyone can use to explore local or remote network vulnerabilities.

This security tool allows you to write and integrate your own security plugins to the OpenVAS platform — even though the current engine comes with more than 50k NVTs (Network Vulnerability Tests) that can literally scan anything you imagine in terms of security vulnerabilities.

Main features:

  • Simultaneous host discovery
  • Network mapper and port scanner
  • Support for OpenVAS Transfer Protocol
  • Fully integrated with SQL Databases like SQLite
  • Scheduled daily or weekly scans
  • Exports results into XML, HTML, LateX file formats
  • Ability to stop, pause and resume scans
  • Full support for Linux and Windows

6. Nikto

Written in Perl and included in Kali Linux, Nikto iworks as a complement to OpenVAS and other vulnerability scanners.

Nikto allows penetration testers and ethical hackers to perform a full web server scan to discover security flaws and vulnerabilities. This security scan gathers results by detecting insecure file and app patterns, outdated server software and default file names as well as server and software misconfigurations.

It includes support for proxies, host-based authentication, SSL encryption and much more.

Main features include:

  • Scans multiple ports on a server
  • IDS evasion techniques
  • Outputs results into TXT, XML, HTML, NBE or CSV.
  • Apache and cgiwrap username enumeration
  • Identifies installed software via headers, favicons and files
  • Scans specified CGI directories
  • Uses custom configuration files
  • Debug and verbose output.

7. WPScan

WPScan is recommended for auditing your WordPress installation security. By using WPScan you can check if your WordPress setup is vulnerable to certain types of attacks, or if it’s exposing too much information in your core, plugin or theme files.

This WordPress security tool also lets you find any weak passwords for all registered users, and even run a brute force attack against it to see which ones can be cracked.

WPScan receives frequent updates from the wpvulndb.com WordPress vulnerability database, which makes it a great software for up-to-date WP security.

What can you do with WPScan?

  • Non-intrusive security scans
  • WP username enumeration
  • WP bruteforce attack & weak password cracking
  • WP plugins vulnerability enumeration
  • Schedule WordPress security scans

Are you interested in WordPress security? Check out our blog post on asking exactly that: Is WordPress secure?

8. CMSMap

Unlike WPScan, CMSMap aims to be a centralized solution for not only one, but up to four of the most popular CMS in terms of vulnerability detection.

CMSmap is an open source project written in Python that helps automate the process of vulnerability scanning and detection in WordPress, Joomla, Drupal, and Moodle.

This tool is not only useful for detecting security flaws in these four popular CMS but also for running actual brute force attacks and launching exploits once a vulnerability has been found.

Main features include:

  • Supports multiple scan threats
  • Ability to set custom user-agent and header
  • Support for SSL encryption.
  • Verbose mode for debugging purposes
  • Saves output in a text file.
Web stress test tool

9. Fluxion

Fluxion is a WiFi analyzer that specializes in MITM WPA attacks.

It allows you to scan wireless networks, searching for security flaws in corporate or personal networks.

Unlike other WiFi cracking tools, Fluxion does not launch any brute force cracking attempts that usually take a lot of time.

Instead, it spawns an MDK3 process which forces all users connected to the target network to deauthenticate. Once this is done, the user is prompted to connect to a fake access point, where they will enter the WiFi password. Then the program reports the password to you, so you can gain access.

Stay in the loop with the best infosec news, tips and tools

Dns server test online

Follow us on Twitter to receive updates!

10. Aircrack-ng

Aircrack-ng is a wireless security software suite. It consists of a network packet analyzer, a WEP network cracker, and WPA / WPA2-PSK along with another set of wireless auditing tools. Here are the most popular tools included in the Aircrack-ng suite:

  • Airmon-Ng: converts your wireless card into a wireless card in a promiscuous way
  • Airmon-Ng: captures packages of desired specification, and t is particularly useful in deciphering passwords
  • Aircrack-Ng: used to decrypt passwords — able to use statistical techniques to decipher WEP and dictionaries for WPA and WPA2 after capturing the WPA handshake
  • Aireplay-Ng: can be used to generate or accelerate traffic in an access point
  • Airdecap-Ng: decrypts wireless traffic once we the key is deciphered
Stress

Main features:

  • Support for WEP, WPA/WPA2-PSK passwords
  • Fast WEP and WPA password decryption
  • Packet sniffer and injector
  • Ability to create a virtual tunnel
  • Automated WEP key password recovery
  • Password list management

11. Kismet Wireless

Kismet Wireless is a multi-platform free Wireless LAN analyzer, sniffer and IDS (intrusion detection system).

It’s compatible with almost any kind of wireless card. Using it in sniffing mode allows you to work with wireless networks such as 802.11a, 802.11b, 802.11g, and 802.11n.

Kismet Wireless runs natively in Windows, Linux and BSD operating systems (FreeBSD, NetBSD, OpenBSD, and MacOS).

Main features:

  • Ability to run in passive mode
  • Easy detection of Wireless clients and access points
  • Wireless intrusion detection system
  • Scans wireless encryption levels for a given AP
  • Supports channel hopping
  • Network logging

12. Wireshark

Wireshark is an open source multi-platform network analyzer that runs Linux, OS X, BSD, and Windows.

It’s especially useful for knowing what’s going on inside your network, which accounts for its widespread use in government, corporate and education industries.

It works in a similar manner as tcpdump, but Wireshark adds a great graphical interface that allows you to filter, organize and order captured data so it takes less time to analyze. A text-based version, called tshark, is comparable in terms of features.

Main features include:

  • GUI-friendly interface
  • Packet live capture and offline analysis
  • Full protocol inspection
  • Gzip compression and decompression on the fly
  • Full VoIP analysis
  • Decryption support for IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
  • Reading capture file formats such as tcpdump (libpcap), Pcap NG, Catapult DCT2000, Cisco Secure IDS iplog and many others

13. John the Ripper

John the Ripper is a multi-platform cryptography testing tool that works on Unix, Linux, Windows and MacOS. It allows system administrators and security penetration testers to launch brute force attacks to test the strength of any system password. It can be used to test encryptions such as DES, SHA-1 and many others.

Its abilities to change password decryption methods are set automatically, depending on the detected algorithm.

Licensed and distributed under the GPL license, it’s a free tool available for anyone who wants to test their password security.

Main features include:

  • Dictionary attacks and brute force testing
  • Compatible with most operating systems and CPU architectures
  • Can run automatically by using crons
  • Pause and Resume options for any scan
  • Lets you define custom letters while building dictionary attack lists
  • Allows brute force customization rules

14. THC Hydra

THC Hydra is a free hacking tool licensed under AGPL v3.0, widely used by those who need to brute force crack remote authentication services.

As it supports up to more than 50 protocols, it’s one of the best tools for testing your password security levels in any type of server environment.

It also provides support for most popular operating systems like Windows, Linux, Free BSD, Solaris and OS X.

Main features:

Dns Server Stress Test Tool Kit

  • Ultrafast password cracking speed
  • Runs on multiple operating systems
  • Ability to launch parallel brute force cracking attacks
  • Module-based application allows you to add custom modules
  • Support for multiple protocols such as CVS, FTP, HTTP, HTTPS, HTTP-Proxy, IMAP, IRC, LDAP, MS-SQL, MySQL, etc.

15. findmyhash

Written in Python, findmyhash is a free open-source tool that helps to crack passwords using free online services.

It works with the following algorithms: MD4, MD5, SHA1, SHA225, SHA256, SHA384, SHA512, RMD160, GOST, WHIRLPOOL, LM, NTLM, MYSQL, CISCO7, JUNIPER, LDAP_MD5, and LDAP_SHA1. It also supports multi-thread analysis for faster speed and algorithm recognition from the hash value.

Main features include:

  • Empty hashes recognition
  • Reads input from a text file
  • Ability to escape special characters
  • Cracks single or multiple hashes.
  • Password hash search on Google
  • Pause and Resume options
  • Saves the results in a file.

16. RainbowCrack

RainbowCrack is a password cracking tool available for Windows and Linux operating systems.

Unlike other password cracking tools, RainbowCrack uses a time-memory tradeoff algorithm to crack hashes along with large pre-computed “rainbow tables” that help to reduce password cracking time.

Features include:

  • Available rerminal-based and GUI-friendly interface
  • Works well with multi-core processors
  • Rainbow table generation, sort, conversion and lookup
  • Support for GPU acceleration (Nvidia CUDA and AMD OpenCL)
  • Support rainbow table of any hash algorithm and charset.
  • Support rainbow table in raw file format (.rt) and compact file format (.rtc).

17. Metasploit Framework

Metasploit Framework is a Ruby-based platform used to develop, test and execute exploits against remote hosts. It includes a full collection of security tools used for penetration testing, along with a powerful terminal-based console — called msfconsole — which allows you to find targets, launch scans, exploit security flaws and collect all available data.

Available for Linux and Windows, MSF is probably one of the most powerful security auditing tools freely available for the infosec market.

What can you do with Metasploit Framework?

  • Network enumeration and discovery
  • Evade detection on remote hosts
  • Exploit development and execution
  • Work with the MFSconsole
  • Scan remote targets
  • Exploit vulnerabilities and collect valuable data

18. Social Engineering Toolkit

Available for Linux and Mac OS X, the Social Engineering Toolkit (known as SET) is an open-source Python-based penetration testing framework that will help you launch Social-Engineering attacks in no time.

Have you ever wondered how to hack social network accounts? Well, SET has the answer — it’s indispensable for those interested in the field of social engineering.

What kind of attacks can I launch with SET?

  • WiFi AP-based attacks: this kind of attack will redirect or intercept packets from users using our WiFi network
  • SMS and email attacks: here, SET will try to trick and generate a fake email to get social credentials
  • Web-based attacks: lets you clone a web page so you can drive real users by DNS spoofing or phishing attacks
  • Creation of payloads (.exe): SET will create a malicious .exe file that, after executed, will compromise the system of the user who clicks on it

Highlighted features include:

  • Fast penetration testing
  • Integration with third-party modules
  • Phishing attack generator
  • Launch QRCode attacks
  • Support for Powershell attack vectors

19. BeEF

BeEF stands for The Browser Exploitation Framework,a powerful penetration testing tool that relies on browser vulnerabilities and flaws to exploit the host.

Unlike other Kali cybersecurity tools, it focuses on the browser side, including attacks against mobile and desktop clients, letting you analyze exploitability of any Mac and Linux system.

You’ll be able to select specific modules in real-time to audit your browser security.

Tool

BeEF requirements:

  • OS: Mac OS X 10.5.0 or higher / modern Linux
  • Ruby 2.3 or newer
  • SQLite 3.x
  • Node.js 6 or newer

Main features:

  • Web and console UI
  • Metasploit integration
  • Modular structure
  • Interprocess communication & exploitation
  • History gathering and intelligence
  • Host and network reconnaissance
  • Ability to detect browser plugins

20. Yersinia

Yersinia is a security network tool that allows you to perform L2 attacks by taking advantage of security flaws in different network protocols.

This tool can attack switches, routers, DHCP servers and many other protocols. It includes a fancy GTK GUI, ncurses-based mode, is able to read from a custom configuration file, supports debugging mode and offers to save results in a log file.

Supported network protocols:

  • 802.1q and 802.1x Wireless LANs
  • Cisco Discovery Protocol (CDP)
  • Dynamic Host Configuration Protocol (DHCP)
  • Dynamic Trunking Protocol (DTP)
  • Inter-Switch Link Protocol (ISL)
  • Hot Standby Router Protocol (HSRP)
  • Spanning Tree Protocol (STP)
  • VLAN Trunking Protocol (VTP)

21. DHCPig

DHCPig is a DHCP exhaustion application that will launch an advanced attack in order to consume all active IPs on the LAN.

It also prevents new users from getting IPs assigned to their computers. Works pretty well attacking Linux LANs as well as Windows 2003, 2008, etc.

In fact, DHCPig doesn’t require any installation, as it is a tiny script; it only requires scapy library installed on your system, and it includes support for ipv4 and ipv6.

Dns Server Repair Tool

What can you do with DHCPig?

  • Detect/print DHCP replies
  • Detect/print ICMP requests
  • Discover and create a network map of your neighbours’ IPs
  • Request all possible IP addresses in a zone
  • Create a loop and send DHCP requests from different MAC addresses
  • Explore your neighbours’ MAC & IP addresses
  • Release IPs and MAC address from the DHCP server
  • ARP for all neighbours on that LAN
  • Knock off network on Windows systems

22. FunkLoad

Written in Python, FunkLoad is a popular web-stress tool that works by emulating a fully functional web browser. It’s highly useful for testing web projects and seeing how well they react in terms of web server performance.

FunkLoad allows full performance testing to help you identify possible bottlenecks within your web apps and web servers, at the same time testing your application recoverability time.

Main FunkLoad features include:

  • Real web browser emulation (including GET/POST/PUT/DELETE, DAV, cookie, referer support, etc)
  • Command-line advanced tests
  • Full benchmarking reports in PDF, HTML, ReST, Org-mode
  • Benchmark differential comparison between 2 results
  • Test customization using a configuration file
  • Full support for popular servers such as PHP, Python, Java

23. SlowHTTPTest

SlowHTTPTest is one of the most popular web-stress applications used to launch DOS attacks against any HTTP server. This type of security tool focuses on sending low-bandwidth attacks to test your web-server health and response times. It includes statistics of all your tests and allows you to run multiple types of attacks such as:

  1. Apache Range Header.
  2. Slow Read.
  3. Slow HTTP POST.
  4. Slowloris.

Main features include:

  • Saving statistics output in HTML and CSV files
  • Setting verbose level (0-4)
  • Targeting custom number of connections
  • Setting HTTP connection rate (per seconds)
  • Proxy traffic redirection

24. Inundator

Inundator is a multi-threaded IDS evasion security tool designed to be anonymous. By using TOR it can flood intrusion detection systems (especially with Snort) causing false positives, which hide the real attack taking place behind the scenes t. By using SOCKS proxy it can generate more than 1k false-positives per minute during an attack.

The main goal of Inundator is to keep your security team busy dealing with false positives while a real attack is happening.

Inundator features and attributes include:

  • Multi-threaded capabilities
  • Full SOCKS support
  • Anonymization-ready
  • Support of multiple targets
  • Queue-based

25. t50

Dns Server Stress Test Tool Set

t50 is another web-stress testing tool included with Kali Linux distribution. It can help you test how your websites, servers and networks react under high load average during an attack.

It’s one of the few security tools capable of encapsulating protocols using GRE (Generic Routing Encapsulation), and supports up to 14 different protocols. The t50 package also lets you send all protocols sequentially using one single SOCKET.

t50 features:

Tool
  • DoS and DDoS attacks simulator
  • Main supported protocols include TCP, UDP, ICMP, IGMP, etc.
  • Up to 1,000,000 pps of SYN Flood if using Gigabit network
  • Up to 120k pps of SYN Flood if using 100Mbps network

Dns Server Stress Test Tool Harbor Freight

Summary

We’ve said it before in our post How web software gets hacked: a History of Web Exploits: “Internet has no future without hacking”.

Nowadays Kali Linux offers what are probably the best ethical hacking and penetration testing suites in the world. Thanks to their extensive documentation, community and tools, starting in the infosec world is not as hard as it was 20 years ago; nowadays you can find pre-built tools for almost anything you imagine.

By implementing these Kali Linux tools, your software company will have more ways to test and increase the security of your web applications and systems — by identifying security flaws before the bad guys do.

We at SecurityTrails are focused on creating a powerful security platform that includes domain automation lists, forensic DNS tools and IP exploration utilities as never seen before. Our information gathering and intel reconnaissance data, combined with security distributions like Kali, can make your daily security tasks way easier than ever.

Dns Server Stress Test Tool Free

Are you ready to start using our cybersecurity treasure trove? Grab a free API account today or contact us for consultation.

Esteban is a seasoned security researcher and cybersecurity specialist with over 15 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.

Get the best cybersec research, news, tools,
and interviews with industry leaders