30 open-source projects similar to matrixtm/mhddos, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best MHDDoS alternative.
Impulse is a denial-of-service attack framework and network stress testing tool designed to execute resource saturation and traffic amplification against targeted systems. It provides a collection of scripts to simulate high-volume traffic and evaluate system stability across various network protocols. The tool includes specialized capabilities for traffic amplification, using public servers to reflect and multiply network traffic directed at a specific IP address. It also features utilities for disrupting communication services through the mass transmission of email messages and mobile telep
This project serves as a comprehensive educational repository and technical reference collection, documenting a wide range of software engineering practices and modern development technologies. It provides a structured learning path for developers, curating tutorials and practical examples that cover the full lifecycle of application development, from initial project scaffolding to deployment and maintenance. The repository distinguishes itself by offering deep technical insights into complex architectural patterns, including actor-based concurrency models for managing parallel tasks and cont
k6 is a performance testing framework used to measure the scalability and stability of network services and APIs. It functions as a JavaScript load testing tool that uses a Go engine to simulate concurrent user traffic. The tool enables the enforcement of service level objectives by comparing response time percentiles against quantitative performance thresholds. It also operates as a performance regression tool for continuous integration pipelines and a browser performance testing tool that executes scripts within a bundled headless browser instance. Its capabilities cover workload scenario
The Web Application Security Testing Guide is an open-source security testing standard and comprehensive framework of procedures for identifying vulnerabilities in web applications and services. It serves as a vulnerability assessment methodology and a web API security audit framework, providing a structured approach for conducting consistent and thorough security audits of web-based software. The project utilizes a methodology-based audit framework and checklist-driven workflows to ensure repeatable discovery and exploitation steps. It organizes security tests through taxonomy-based vulnerab
Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili
Apache JMeter is a Java-based performance testing tool and multi-protocol traffic simulator used to analyze the stability and scalability of servers and networks. It functions as a distributed load testing framework that coordinates remote worker nodes from a single controller to generate high volumes of concurrent traffic. The project is distinguished by its ability to simulate traffic across diverse backend systems, including HTTP, JDBC, LDAP, JMS, FTP, and TCP. It provides a headless command-line interface for automated execution and a reporting system that transforms raw sample logs into
Vegeta is an HTTP load testing tool and library designed to measure the performance and stability of web services. It functions as a command-line utility, a programmable package for integration into other applications, and a distributed load generator capable of splitting request rates across multiple machines. The tool is distinguished by its constant-rate request scheduler, which dispatches requests at a fixed frequency regardless of target response times. It employs lazy target streaming to maintain low memory usage during large tests and uses a binary-encoded storage format to minimize di
hacker-scripts is a multi-purpose toolkit comprising a security vulnerability testing suite, a keyword-driven email automator, and a TCP remote hardware controller. It provides a collection of scripts for identifying security weaknesses and conducting controlled hacking experiments across multiple programming language environments. The system automates email workflows by scanning headers and bodies for specific strings to trigger server responses and sends randomized text and email alerts based on system activity. It also enables remote hardware control by sending binary commands over network
Subfinder is a security reconnaissance framework designed for subdomain enumeration and attack surface management. It functions as a discovery engine that identifies and maps internet-exposed infrastructure, cloud-hosted assets, and network ranges to maintain a comprehensive inventory of an organization's digital footprint. The project distinguishes itself through a modular, template-driven scanning engine that executes security checks against discovered assets. It leverages cloud-native asset discovery to query provider APIs and infrastructure metadata, while supporting distributed agent orc
PentestGPT is an autonomous security testing framework that leverages large language models to plan, execute, and coordinate end-to-end penetration testing engagements. By functioning as an autonomous agent, the system automates the entire testing lifecycle, from initial reconnaissance and vulnerability analysis to the generation of custom exploits and the execution of post-exploitation tasks. The platform distinguishes itself through a multi-agent orchestration system that coordinates specialized AI agents to collaborate on complex, multi-stage attack chains. It integrates multimodal context
Semgrep is a static analysis security testing tool designed to identify vulnerabilities and logic errors by matching source code against declarative patterns. It functions as an automated scanner that integrates into development workflows to detect insecure code patterns and enforce coding standards before deployment. The engine utilizes a language-agnostic intermediate representation and a modular parser architecture to normalize diverse programming languages into a unified format. This allows for consistent rule execution across different codebases, enabling users to perform custom structur
Hey is a command-line utility designed for HTTP load testing and API performance benchmarking. It functions as a concurrent request generator that simulates high volumes of traffic against target endpoints to evaluate service responsiveness, throughput, and stability under load. The tool distinguishes itself by integrating specialized modules for cryptographic request signing and internal service authorization. It supports the generation of digital signatures for decentralized social protocols and validates backend requests using shared secret tokens, allowing for secure interaction with prot
MikuMikuBeam is a hybrid command-line and web-based tool for launching configurable network stress tests with real-time monitoring and plugin extensibility. It provides a modular pipeline for constructing and executing network attacks, supporting configurable parameters such as target, packet size, duration, and delay. The tool distinguishes itself through a dual-mode configuration interface that allows attack parameters to be set via both a web UI and command-line arguments, with CLI providing colored real-time output. It features isolated client session management where each browser tab spa
Anteon is a distributed load testing platform and automated performance testing suite designed to simulate high-traffic user scenarios and measure system performance across multiple global locations. It functions as an infrastructure anomaly detector and a service dependency mapper, providing a performance monitoring dashboard to track real-time resource usage across cluster instances. The project distinguishes itself by combining distributed traffic generation with service dependency mapping to identify system bottlenecks through network-level tracing. It incorporates an automated validation
Locust is a distributed performance testing framework that allows users to define complex system stress scenarios using standard Python code. By modeling concurrent users as classes with weighted tasks and lifecycle hooks, it enables the simulation of realistic user behavior across large-scale environments. The tool functions as a scalable load generator capable of orchestrating traffic across multiple worker nodes to measure system stability and responsiveness under heavy, real-world conditions. The framework is distinguished by its protocol-agnostic architecture, which supports diverse comm
This project is a command-line utility designed for HTTP load testing and network stress testing. It functions as a benchmarking tool that generates high volumes of concurrent traffic to evaluate the performance, reliability, and throughput capacity of web applications and APIs under sustained load. The tool allows for precise control over traffic generation by enabling users to configure request parameters, including custom headers, authentication credentials, and specific HTTP methods. It manages load through a worker-pool system that regulates request frequency, allowing for both time-boun
Mininet is a network emulator that creates virtual networks of hosts, switches, and links on a single Linux machine for Software-Defined Networking (SDN) prototyping and testing. It emulates network nodes as lightweight processes in isolated network namespaces, connecting them via virtual Ethernet pairs, and supports OpenFlow protocol for programmable control of virtual switches and traffic flows. The project enables users to design custom network topologies using a Python API, simulate link conditions such as bandwidth, delay, and packet loss, and run real Linux applications and kernel code
Atomic Red Team is an adversary simulation tool and detection validation suite designed to emulate attacker behaviors. It functions as a security control testing framework that uses a library of portable tests to verify if security monitoring and alerting systems correctly identify specific malicious techniques. The project serves as a MITRE ATT&CK emulation framework, mapping individual test executions to a standardized industry taxonomy of adversary behaviors. This mapping allows for the validation of security controls against the MITRE ATT&CK matrix to identify gaps in detection and respon
dperf is a high-performance network testing tool that generates massive multi-protocol traffic for benchmarking network devices and servers. It uses DPDK to bypass the kernel network stack, enabling line-rate packet generation and capture with zero-copy processing, and implements a full TCP/IP stack in user space to achieve millions of connections per second from a single server. The tool is designed for stress-testing Layer 4 load balancers and gateways, capable of simulating billions of concurrent TCP or UDP sessions and generating tens of millions of new connections per second. It supports
This project is a web application security standard and vulnerability framework. It provides a comprehensive list of the most critical security risks facing web applications, paired with technical guidance and a structured methodology for identifying and mitigating these flaws. The framework functions as a secure coding guide and a risk assessment methodology, offering a standardized approach to prioritizing vulnerabilities based on their potential impact and likelihood of exploitation. It defines architectural patterns and technical recommendations to help developers implement defense in dep
Scapy is a network packet manipulation tool and protocol analysis suite designed for crafting, sending, sniffing, and dissecting network traffic. It functions as a framework for building custom network tools that interact directly with low-level packet headers and payloads, enabling users to perform security research and network diagnostics. The system distinguishes itself through a layer-based construction model that allows users to define protocols as stacked objects, which automatically handle checksums and field offsets. It utilizes dynamic field reflection to map packet structures to bin
This project is a standardized repository of malicious and malformed character sequences designed to stress-test data parsing and sanitization routines. It serves as a security testing corpus and a language-neutral reference for auditing software robustness against injection flaws and unexpected data handling errors across diverse platforms. The dataset functions as a benchmark for input validation, providing a curated collection of edge-case strings that allow developers to identify potential crashes and security vulnerabilities. By decoupling these test vectors from application logic, the r
Mobile Security Framework is an automated security testing platform designed for the analysis of Android, iOS, and Windows mobile application binaries. It functions as a comprehensive suite for identifying security vulnerabilities, privacy risks, and malicious code within mobile software packages. The framework distinguishes itself by combining static and dynamic analysis techniques to evaluate application behavior. It performs static inspection of source code and binaries to detect insecure patterns, while simultaneously utilizing dynamic instrumentation and containerized sandboxing to monit
This project is a performance benchmarking framework and network protocol stress tester designed to evaluate system stability under high-concurrency conditions. It functions as a command-line utility that simulates massive volumes of simultaneous requests to identify infrastructure bottlenecks and verify service reliability. The tool distinguishes itself through its protocol-agnostic orchestration, which allows for load testing across diverse standards including HTTP, WebSocket, gRPC, and Radius. It supports complex request configurations, enabling users to inject custom headers, binary data,
k6 is a developer-centric load testing suite and command-line load generator designed for network performance validation. It functions as a JavaScript load testing tool that utilizes a Go-based runtime engine to simulate concurrent user traffic and validate API responses across HTTP, gRPC, and WebSockets. The project distinguishes itself by using code rather than a graphical interface to define workload scenarios and performance thresholds. It features a pluggable protocol architecture and an extension ecosystem that allows for the addition of custom protocols and specialized testing capabili
Gatling is a load testing framework and traffic generation engine used to measure response times and error rates under heavy load. It functions as an as-code testing library, allowing users to define high-volume traffic simulations and performance tests through programming languages rather than graphical interfaces. The system enables multi-language load simulation and the ability to model concurrent user traffic to identify infrastructure bottlenecks and stability limits. It supports a test-as-code workflow, where version-controlled scripts are integrated into build pipelines as performance
Trippy is a network diagnostic tool and terminal user interface that combines ping and traceroute functionality to analyze network paths and performance. It provides a network packet parser and path analyzer to detect packet loss, jitter, and multipath routing through continuous network probing. The project is distinguished by its support for specialized tracing strategies, including Paris and Dublin, to ensure consistent path discovery. It identifies network address translation devices and utilizes heuristic analysis to distinguish genuine packet loss from rate-limiting. Broad capability ar
Aircrack-ng is a wireless security auditing suite used for monitoring, attacking, testing, and cracking wireless network encryption keys and passwords. It functions as an 802.11 packet analysis tool, a wireless frame injection tool, and a network mapper to identify vulnerabilities and active clients within a wireless environment. The suite includes a dedicated WPA/WPA2 password cracker that recovers network keys by analyzing captured handshakes through dictionary and brute-force attacks. It enables the construction and transmission of fabricated 802.11 packets to trigger specific network resp
Gor is a set of specialized utilities for recording, replaying, and shadowing network traffic to validate system behavior under real-world conditions. It functions as an HTTP traffic recording tool, a network traffic capture engine, and a system for duplicating live production traffic. The project provides capabilities for recording real-time HTTP network traffic and storing it for later playback or analysis. It can duplicate live production network traffic and redirect it to a staging environment in real time, or replay recorded network requests against a target environment to validate syste
MTR is a network diagnostic tool that combines the functions of traceroute and ping to monitor packet loss and latency across every hop in a network path. It serves as an ICMP route analyzer and packet loss monitor designed to discover network paths and measure the performance of intervening routers. The tool functions as a network path visualizer, displaying real-time network health and connectivity data through either a text-based terminal interface or a graphical window. The project covers network path mapping and real-time path tracing to identify routers between a host and destination.