HTTP DoS stress testing tool using keep-alive connections and randomization for capacity testing
IntermediateInteractive Dual Perspective
GoldenEye is a Python-based HTTP Denial-of-Service (DoS) stress testing tool that uses keep-alive connections and randomization to exhaust web server resources. It tests application-layer resilience by simulating legitimate traffic patterns at high volume.
🔴 RED TEAM: Offensive Usage
Test web application availability under stress. Identify resource exhaustion vulnerabilities. Demonstrate DoS impact on business operations. Combine with reconnaissance to target specific vulnerable endpoints.
🔵 BLUE TEAM: Defensive Usage
Validate rate limiting and DDoS mitigation controls (WAF, CDN, load balancers). Test incident response to availability attacks. Benchmark server capacity and identify bottlenecks. Train SOC on HTTP flood detection patterns.
🟣 PURPLE TEAM: Collaborative Testing
Red executes graduated DoS tests while Blue monitors traffic patterns, server metrics, and mitigation effectiveness. Jointly tune rate limiting, WAF rules, and alerting thresholds for optimal protection without false positives.
Interactive Simulation
Configure stress tests and measure server capacity
Configure DoS Test
10 (Low)100 (Medium)200 (High)
Warning: Only test systems you own or have written authorization to test. Unauthorized DoS is illegal.