Wreckuests – Tool to run DDoS atacks with HTTP-flood

Wreckuests is a script, which allows you to run DDoS attacks with HTTP-flood(GET/POST). It’s written in pure Python and uses proxy-servers as “bots”. OF COURSE, this script is not universal and you can’t just drop Pentagon/NSA/whatever website with one mouse click. Each attack is unique, and for each website you’ll gonna need to search for vulnerabilities and exult them, which might result in hardcoding, nosleeping, etc… Yeap, this is your dirty and ungrateful part of job.

Warning: This script is published for educational purposes only! Author will accept no responsibility for any consequence, damage or loss which might result from use.


Cache bypass with random ?abcd=efg parameter

CloudFlare detection and notification of

Automatic gzip/deflate toggling

HTTP Authentication bypass

UserAgent substitution

Referers randomizer

HTTP proxy support


Python 3.5+

Requests 2.10.0 or higher

netaddr (tested with 0.7.19)


This is so easy to install Wreckuests just in one command. Isn’t it?
Ubuntu 16.04
apt-get update && apt-get dist-upgrade && apt-get install python3 && apt-get install python3-pip && pip3 install –upgrade pip && pip3 install requests && pip3 install netaddr
Note: pip3 may install requests 2.9.1. Just run pip3 install –upgrade requests to upgrade requests to the latest version.UsageType under sudo mode:
python3 wreckuests.py -v -a -t
Possible parameters:-h or –help:Prints a message with possible parameters.-v or –victim:Specifies a link to the victim’s site page. It could be the website’s main page, someone’s profile, .php-file or even image. Everything that has a lot of weight or is hard for server to give. The choice is yours.-a or –auth:Parameter for bypassing authentication. You’r victim could enable basic HTTP authentication and his website will ask you to enter login and password in popup window. Victim may previously publish login and password data for his users in VK/FB/Twitter and whatever social network.-t or –timeout(defalut: 10):Parameter to control connection’n’read timeout. This option also controls terminating time. Note: if you set timeout=1 or somewhere about 2-3 seconds, the slow(but still working) proxies will not have any time to even connect to your victim’s website and will not even hit it. If you still do not understand how it works – do not change this option. Also, this parameter regulates the intensiveness of requests you sending. So, if you sure your proxies are fast enough – you can reduce this value. Use this accordingly.ImportantA separate thread is created for each proxy address. The more proxies you use – the more threads you create. So, please, do not use way too much proxies. Otherwise, the script may exit abnormaly by meeting segmentation fault.
Download wreckuests


Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair /  Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )


Conectando a %s