TAXONOMY OF DDOS ATTACKS AND TOOLS

Ahmet Göker
5 min read · Jan 24, 2022


Hey amazing hackers,

welcome back to my blog. Today I am going to explain the main types of DDoS attacks and some of the tools used to launch them. Please consider clapping and subscribing to my YouTube channel. So let's get started.

Taxonomy of DDoS

A DDoS attack not only has the potential to make the target run out of resources (bandwidth, connection state, CPU, memory) but can also exhaust them on the intermediate network path, so links and routers in front of the target fail before the target itself does. DDoS attacks have a vast taxonomy because there are many variants, so let's go through the main ones.

TYPES OF DDOS ATTACK

I am going to explain three types of DDoS attack, namely the volumetric (flooding) attack, the protocol-based attack and the application layer attack. They differ in which resource of the target they exhaust: raw bandwidth, protocol state and memory, or the application's processing capacity.

Volumetric attack

In this attack, dummy data requests are generated in huge volume from many distributed sources and directed at a specific node. The attacker's main motive is to deplete the bandwidth of the targeted node (or of the link in front of it), which is why these attacks are measured in bits per second. The attacker takes advantage of the fact that the Internet was designed for connectivity, not for verifying who sends what: nothing stops a large number of sources from sending as much traffic as they like to one address, and the target has to receive it all before it can discard any of it.

https://www.cloudflare.com/learning/ddos/http-flood-ddos-attack/

Protocol-based attack

In the OSI reference model every layer has a stack of protocols, and every protocol has weaknesses that can be abused. In a protocol-based attack the attacker takes advantage of these weaknesses to perform a DDoS attack, mainly in layer 3 and 4 protocols (ICMP, IP, TCP, UDP), to exhaust the processing capacity, connection state tables and memory of the target node rather than its bandwidth. The classic example is the SYN flood: the attacker sends TCP SYN packets, usually with spoofed source addresses, and never completes the handshake, so the server's backlog of half-open connections fills up and legitimate clients can no longer connect.

The table linked below summarises the common protocol-based variants:

https://www.apriorit.com/dev-blog/559-ddos-protection-techniques
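The SYN flood described above can be recognised from the state it leaves behind. The following is an added example, not code from the original post: it replays constructed packet summaries (not a real capture) through a small handshake tracker and flags a listener whose half-open connections are both numerous and spread over many never-completing sources, which is the spoofed-SYN signature. The server addresses, the flag letters and the thresholds are assumptions for the example.

```python
"""Track TCP handshakes from packet summaries and flag a SYN flood.

Added example (not from the original post).  The records below are constructed
for illustration, not a real capture; the thresholds are illustrative, not
tuned values.
"""
from collections import defaultdict

# Each record: (src_ip, src_port, dst_ip, dst_port, tcp_flags), with tcpdump-style
# flag letters: "S" = SYN, "SA" = SYN+ACK, "A" = ACK.


def _completed_handshake(client_ip, client_port, server_ip="192.0.2.10", server_port=443):
    """Three packets of a normal handshake (constructed)."""
    return [
        (client_ip, client_port, server_ip, server_port, "S"),
        (server_ip, server_port, client_ip, client_port, "SA"),
        (client_ip, client_port, server_ip, server_port, "A"),
    ]


def _spoofed_syns(count, server_ip="192.0.2.10", server_port=443):
    """`count` SYNs from distinct (spoofed) sources that never send the final ACK."""
    return [(f"198.51.100.{i}", 40000 + i, server_ip, server_port, "S")
            for i in range(1, count + 1)]


SAMPLE_PACKETS = (
    _completed_handshake("10.0.0.5", 51000)
    + _completed_handshake("10.0.0.6", 51001)
    + _spoofed_syns(25)
    + _completed_handshake("10.0.0.7", 51002)
)


def track_handshakes(packets):
    """Return {(server_ip, port): set of (client_ip, client_port)} still half-open.

    A client SYN opens a pending entry, the server's SYN-ACK changes nothing, and
    the client's ACK closes the entry.  Whatever is left is a half-open connection
    occupying a slot in the server's listen backlog.
    """
    pending = defaultdict(set)
    for src, sport, dst, dport, flags in packets:
        if flags == "S":
            pending[(dst, dport)].add((src, sport))
        elif flags == "A" and (src, sport) in pending.get((dst, dport), ()):
            pending[(dst, dport)].discard((src, sport))
    return pending


def half_open_counts(packets):
    """{(server_ip, port): number of half-open connections}, empty entries dropped."""
    return {k: len(v) for k, v in track_handshakes(packets).items() if v}


def syn_flood_suspects(packets, max_half_open=10, min_distinct_sources=10):
    """Flag listeners whose half-open backlog is both large and spread across many
    sources.  Many distinct sources that never complete the handshake is the
    spoofed-SYN signature; a single slow client tripping the backlog is not.
    """
    suspects = []
    for listener, clients in track_handshakes(packets).items():
        distinct_ips = {ip for ip, _ in clients}
        if len(clients) >= max_half_open and len(distinct_ips) >= min_distinct_sources:
            suspects.append((listener, len(clients), len(distinct_ips)))
    return suspects


if __name__ == "__main__":
    print(half_open_counts(SAMPLE_PACKETS))   # the 25 spoofed SYNs are still pending
    print(syn_flood_suspects(SAMPLE_PACKETS))
```

The three legitimate connections disappear from the pending set as soon as their ACK arrives; only the 25 spoofed SYNs remain, from 25 different addresses, which is what the second function keys on. On a real host the same condition shows up as a full SYN backlog, and the usual mitigation is SYN cookies, which let the server answer SYNs without storing state until the handshake completes.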

Now let's read about our next DDoS attack type, the application layer attack.

Application layer attack

This attack targets the seventh layer of the OSI reference model by sending requests that look like legitimate use of the web application, so they pass through firewalls and packet-level filters that only inspect headers. Per request it is more destructive than the other two types, because one cheap request can force the server to do expensive work (database queries, page rendering, search), so it consumes server resources and network resources at the same time. Application layer attacks are the form most commonly used by attackers to flood a website. The main variant is shown below:

HTTP flood attack: many GET or POST requests, usually from a botnet, aimed at the most expensive pages of a site, often with randomised URLs or parameters so that caches cannot absorb them.
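Because every request in an HTTP flood is a well-formed HTTP request, the place to see it is the web server's access log rather than the packets. The following is an added example, not code from the original post: it parses constructed log lines in the Apache/nginx combined format, computes each source's peak request count in a sliding window, and reports the sources that exceed a threshold together with how many distinct URLs they hit. The addresses, the 10-second window and the 30-request threshold are assumptions for the example.

```python
"""Spot an HTTP flood in web server access logs.

Added example (not from the original post).  The log lines are constructed in
the Apache/nginx "combined" format; the 10-second window and the 30-request
threshold are illustrative assumptions, not tuned values.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], TS_FMT)
    return rec


def peak_requests_in_window(timestamps, window):
    """Largest number of requests that fall inside any interval of length `window`."""
    ts = sorted(timestamps)
    best = left = 0
    for right, t in enumerate(ts):
        while t - ts[left] >= window:      # slide the window's left edge forward
            left += 1
        best = max(best, right - left + 1)
    return best


def flood_sources(lines, window=timedelta(seconds=10), max_requests=30):
    """{ip: {"peak": n, "distinct_paths": k}} for sources whose peak request
    count in any window exceeds max_requests.  distinct_paths is reported because
    flood tools often randomise the URL to defeat caching, so many unique paths
    from one address is a second signal worth checking."""
    times, paths = defaultdict(list), defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                       # unparsable line: skip, do not crash the detector
        times[rec["ip"]].append(rec["ts"])
        paths[rec["ip"]].add(rec["path"])
    report = {}
    for ip, stamps in times.items():
        peak = peak_requests_in_window(stamps, window)
        if peak > max_requests:
            report[ip] = {"peak": peak, "distinct_paths": len(paths[ip])}
    return report


# Constructed sample log: one normal visitor and one flood source.
_T0 = datetime(2022, 1, 24, 10, 0, 0, tzinfo=timezone.utc)


def _line(ip, offset_s, path, status=200, size=512):
    ts = (_T0 + timedelta(seconds=offset_s)).strftime(TS_FMT)
    return f'{ip} - - [{ts}] "GET {path} HTTP/1.1" {status} {size} "-" "Mozilla/5.0"'


SAMPLE_LOG = (
    [_line("10.0.0.5", i * 8, f"/page/{i}") for i in range(8)]            # 8 requests in a minute
    + [_line("203.0.113.7", i // 6, f"/search?q={i}") for i in range(60)]  # 60 requests in 10 seconds
)

if __name__ == "__main__":
    print(flood_sources(SAMPLE_LOG))
```

The normal visitor peaks at two requests in any ten-second window and is never reported; the flood source peaks at 60 and hits 60 different URLs. In production the threshold has to come from the site's own baseline, and a source behind a large NAT or CDN can legitimately exceed a naive per-IP limit, so the per-IP rate is a signal to combine with others (request cost, user agent, session behaviour), not a verdict on its own.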

Now let's talk about the classification based on degree of automation.

Classification based on degree of automation

DDoS attacks can be classified into three categories based on the degree of automation, namely manual, semi-automatic and automatic, which I am going to talk about :)

Manual attack

All phases of the DDoS attack (finding vulnerable hosts, compromising them, and launching the flood) are performed by hand. This method was used in the early days, but nowadays it has become obsolete.

Semi-automatic attack

In this type of attack the agent-handler or master-slave botnet architecture is used. The attacker finds vulnerable systems using automated scanning scripts and then inserts malicious code into them. After that the attacker instructs these bots to target a specific node through the handlers or masters, so recruitment is automated while the choice of target and the timing of the attack are still manual.

The attacker has to rely on reliable and inconspicuous communication channels between the handlers and the agents, otherwise the command traffic itself gives the botnet away.

Automatic attack

In an automatic attack, unlike manual and semi-automatic attacks, all phases of the DDoS attack are carried out without any intervention by the attacker. The malicious code is programmed in advance with the relevant information about the attack (target, attack type, start time, duration), and the infected machines launch it on their own, so there is no command channel to detect after infection.

Classification based on vulnerability exploited

Weaknesses of systems, protocols and networks have always been exploited by attackers to perform different variants of DDoS attacks.

Volumetric attack

A large number of dummy data requests are forwarded towards the victim to deplete its bandwidth, as I mentioned above :)

Amplification attack

In this attack the attacker exploits reflection to scale up the size of a DDoS attack. Requests are sent to third-party servers (open DNS resolvers, NTP servers and similar UDP services) or, in the classic Smurf attack, to a network's broadcast address, with the source address spoofed to the victim's address. The attacker generates a small service request but chooses one whose response has a much larger payload, and that response is delivered to the victim instead of the attacker. The attacker's own bandwidth is therefore multiplied by the ratio of response size to request size (the amplification factor), and the reflectors' bandwidth is what exhausts the victim.
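The amplification factor can be measured directly from flow data, which is how both a reflector's operator and the victim can tell reflection traffic from ordinary use of the same services. The following is an added example, not code from the original post: it groups constructed UDP flow records (illustrative byte counts, not measured values) by reflector, service port and peer, computes bytes sent by the service divided by bytes it received from that peer, and lists the pairs whose ratio and volume look like reflection. The port table, addresses and thresholds are assumptions for the example.

```python
"""Measure amplification in UDP flow records and flag reflection traffic.

Added example (not from the original post).  Flow records are constructed and
byte counts are illustrative; SERVICE_PORTS and the thresholds are assumptions
for the example, not tuned values.
"""
from collections import defaultdict

# Assumption: the well-known port identifies the service side of a flow.
SERVICE_PORTS = {53: "dns", 123: "ntp", 161: "snmp", 1900: "ssdp", 11211: "memcached"}

# Constructed flow records: (src_ip, src_port, dst_ip, dst_port, udp_payload_bytes).
SAMPLE_FLOWS = (
    # ordinary DNS lookups: small query, small answer
    [("10.0.0.5", 50001, "198.51.100.10", 53, 60),
     ("198.51.100.10", 53, "10.0.0.5", 50001, 120)] * 2
    # ordinary NTP time sync: request and reply the same size
    + [("10.0.0.6", 50002, "198.51.100.20", 123, 48),
       ("198.51.100.20", 123, "10.0.0.6", 50002, 48)]
    # reflected DNS: ten small queries whose source is spoofed to the victim
    # 192.0.2.50, answered with large responses that land on the victim
    + [("192.0.2.50", 40000, "198.51.100.10", 53, 64)] * 10
    + [("198.51.100.10", 53, "192.0.2.50", 40000, 3000)] * 10
    # reflected NTP: three tiny requests answered by a hundred large responses
    + [("192.0.2.50", 40001, "198.51.100.20", 123, 8)] * 3
    + [("198.51.100.20", 123, "192.0.2.50", 40001, 450)] * 100
)


def amplification_factors(flows):
    """Per (reflector_ip, service_port, peer_ip): (bytes_in, bytes_out, factor).

    factor is the bandwidth amplification factor: bytes the service sent to the
    peer divided by bytes it received from that peer.
    """
    received = defaultdict(int)
    sent = defaultdict(int)
    for src, sport, dst, dport, nbytes in flows:
        if dport in SERVICE_PORTS:          # request into the service
            received[(dst, dport, src)] += nbytes
        elif sport in SERVICE_PORTS:        # response out of the service
            sent[(src, sport, dst)] += nbytes
    result = {}
    for key in set(received) | set(sent):
        bytes_in, bytes_out = received.get(key, 0), sent.get(key, 0)
        factor = bytes_out / bytes_in if bytes_in else float("inf")
        result[key] = (bytes_in, bytes_out, factor)
    return result


def reflection_suspects(flows, min_factor=10.0, min_bytes_out=10_000):
    """(key, factor) pairs, largest factor first, for peers that received far more
    from a service than they sent it.  Seen from the reflector's network this is
    outbound traffic dwarfing inbound for one peer; seen from the victim it is
    answers to requests it never made."""
    hits = [(key, factor) for key, (_, out, factor) in amplification_factors(flows).items()
            if factor >= min_factor and out >= min_bytes_out]
    return sorted(hits, key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    for key, factor in reflection_suspects(SAMPLE_FLOWS):
        print(key, f"amplification x{factor:.1f}")
```

The ordinary lookups come out at factors of 1 and 2 and are ignored; the two spoofed peers come out at 46.875 and 1875 with tens of kilobytes outbound and are reported. The cure on the reflector side is to stop answering the abusable queries (recursion and ANY for outside clients, monlist on NTP) and, on every network, to drop packets with spoofed source addresses at the edge (BCP 38), since without spoofing there is no way to aim the responses at a victim.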

Deformed-based (malformed packet) attack

In this attack the IP header of the packet is falsified or tampered with, for example a spoofed source address, a length field that does not match the bytes on the wire, or a bad checksum, and the packet is then forwarded to the victim node. The victim has to spend CPU parsing and discarding such packets, and a network stack that does not validate headers strictly may mishandle them.
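The defence against tampered headers is strict validation before anything else touches the packet. The following is an added example, not code from the original post: a small IPv4 header parser that checks the version, the header length, the total length against the bytes actually received, the RFC 791 checksum, the TTL and two spoofing tells (source equal to destination, a loopback source arriving from the network). It builds a sane header and several tampered variants in memory; nothing is sent on the wire, and the addresses and field values are assumptions for the example.

```python
"""Validate an IPv4 header before acting on a packet.

Added example (not from the original post): a parser that rejects the tampered
headers a malformed-packet attack relies on.  The packets below are constructed
in memory and nothing is sent on the wire.
"""
import socket
import struct

IPV4_HDR = struct.Struct("!BBHHHBBH4s4s")   # fixed 20-byte header, no options


def ipv4_checksum(header):
    """RFC 791 header checksum: one's-complement of the one's-complement sum of
    16-bit words.  Caller passes the header with the checksum field zeroed."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_header(src, dst, total_len, proto=17, ttl=64, version=4, ihl=5, checksum=None):
    """Pack a header; pass version/ihl/checksum explicitly to build a tampered one."""
    hdr = IPV4_HDR.pack((version << 4) | ihl, 0, total_len, 0x1234, 0x4000, ttl, proto,
                        0, socket.inet_aton(src), socket.inet_aton(dst))
    if checksum is None:
        checksum = ipv4_checksum(hdr)
    return hdr[:10] + struct.pack("!H", checksum) + hdr[12:]


def validate_ipv4(packet):
    """Return a list of problems; an empty list means the header is sane."""
    problems = []
    if len(packet) < IPV4_HDR.size:
        return ["truncated: shorter than the 20-byte minimum header"]
    ver_ihl, _, total_len, _, _, ttl, _, checksum, src, dst = IPV4_HDR.unpack(packet[:IPV4_HDR.size])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    hlen = ihl * 4
    if version != 4:
        problems.append(f"version {version} != 4")
    if ihl < 5:
        problems.append(f"IHL {ihl} < 5")
    elif hlen > len(packet):
        problems.append("IHL claims more header bytes than the packet holds")
    else:
        zeroed = packet[:10] + b"\x00\x00" + packet[12:hlen]
        if ipv4_checksum(zeroed) != checksum:
            problems.append("bad header checksum")
    if total_len < hlen:
        problems.append("total length smaller than header length")
    if total_len > len(packet):
        problems.append("total length exceeds the bytes actually received")
    if ttl == 0:
        problems.append("TTL is zero")
    src_ip, dst_ip = socket.inet_ntoa(src), socket.inet_ntoa(dst)
    if src_ip == dst_ip:
        problems.append("source equals destination")
    if src_ip.startswith("127."):
        problems.append(f"loopback source {src_ip} arriving from the network")
    return problems


# Constructed packets: a sane one and four tampered variants (8-byte dummy payload).
PAYLOAD = b"\x00" * 8
GOOD = build_ipv4_header("10.0.0.5", "192.0.2.10", 20 + len(PAYLOAD)) + PAYLOAD
BAD_CHECKSUM = build_ipv4_header("10.0.0.5", "192.0.2.10", 28, checksum=0) + PAYLOAD
OVERSIZED = build_ipv4_header("10.0.0.5", "192.0.2.10", 1500) + PAYLOAD
SHORT_IHL = build_ipv4_header("10.0.0.5", "192.0.2.10", 28, ihl=3) + PAYLOAD
SPOOFED_LOOPBACK = build_ipv4_header("127.0.0.1", "192.0.2.10", 28) + PAYLOAD

if __name__ == "__main__":
    for name, pkt in [("GOOD", GOOD), ("BAD_CHECKSUM", BAD_CHECKSUM), ("OVERSIZED", OVERSIZED),
                      ("SHORT_IHL", SHORT_IHL), ("SPOOFED_LOOPBACK", SPOOFED_LOOPBACK)]:
        print(name, validate_ipv4(pkt) or "ok")
```

The important order is lengths first, checksum second: the checksum is computed over the number of bytes the IHL field claims, so a parser that trusts IHL before checking it against the bytes it actually holds reads past the buffer, which is exactly the kind of mistake a malformed header is crafted to trigger.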

Protocol-based attack

In this attack, vulnerabilities in layer 3 and 4 protocols are exploited to target the processing capability and memory of the target node, as described in the protocol-based attack section above.

Lastly, I also want to talk about some attack tools, because many DDoS attack tools are freely available online. An attacker with only basic knowledge can carry out a DDoS attack with them, sometimes after slight modifications.

I will list some attack tools here :) together with the kind of flood each one generates. These are for educational purposes only, please!!!

Mstream (TCP ACK flooding)

Trinoo (UDP flooding)

HOIC (HTTP flooding)

XOIC (HTTP, UDP, TCP and ICMP flooding)

LOIC (HTTP, TCP and UDP flooding)

PyLoris (slow HTTP connection exhaustion in the style of Slowloris, rather than a flood)

HULK (HTTP flooding)

Knight (TCP and UDP flooding)

and more…. A quick search will turn up many more tools and resources; please read a tool's instructions before using it :)

We are at the end of this topic. I have briefly covered some useful information about DDoS attacks, but please keep in mind that what I covered is for educational purposes only, and I am not responsible for any malicious activities of yours ….

Thank you so much for reading this blog. I will try to do my best to explain what I have been learning about the methodology of the hacking world and attacks like these :)

Please consider subscribing to my YouTube channel for more content. I am not a professional developer or an expert, but I still push myself towards this field. I am going to close this topic with an inspirational quote from Kevin Mitnick:

It’s true, I had hacked into a lot of companies, and took copies of the source code to analyze it for security bugs. If I could locate security bugs, I could become better at hacking into their systems. It was all towards becoming a better hacker.

Kevin Mitnick

Ahmet Göker | Malware researcher | DDOS lover | network security | CTF player | lifeless geeky computer freak | Youtuber | Blogger

Youtube : https://Youtube.com/TurkishHoodie

Linkedin: https://www.linkedin.com/in/ahmetgöker

Many Thanks :)
