
| **Hulk is meant for educational and research purposes only.
Any malicious usage of this tool is prohibited.
| The authors must not to be held responsible for any consequences from the usage of this tool.** |
|---|
| :information_source: | Hulk is a Distributed Denial of Service tool that can put heavy load on HTTPS servers, in order to bring them to their knees, by exhausting the resource pool. |
|---|---|
GUI :desktop_computer:

Server :computer:
Client/Bot :space_invader:

:green_circle: To get started, expand the sections below to read about them.
You can refer the Changelog here.
Run pip install -r requirements_(linux/win).txt before starting this script.
> Ex: On Windows: pip install -r requirements_win.txt
> Ex: On Linux: pip install -r requirements_linux.txt
Launch the hulk_launcher.py server with the target website as arg.
> Ex: python hulk_launcher.py server https://testdummysite.com
>
> Append --persistent False to kill the botnet after a succesfull DDoS.
>
> Append --gui if you are running the GUI in parallel.
Launch the hulk_launcher.py client to spawn multiple processes of hulk - one per CPU Core.
> Ex: python hulk_launcher.py client [localhost]
>
> If the server is running remotely, replace localhost with the server's IP.
To run the GUI, you need to:
NodeJS, change to gui directory and use npm install.npm run dev.Sit back and sip your coffee while the carnage unleashes! 😈
(P.S. Do not run the binaries (except hulk_gui) directly, use them from command line like shown above without using python.)
usage: hulk_launcher.py server [-h] [-p PORT] [-m MAX_MISSILES] [--persistent] [--gui] target
The Hulk Server Launcher
positional arguments:
target the target url.
options:
-h, --help show this help message
-p PORT, --port PORT the Port to bind the server to.
-m MAX_MISSILES, --max_missiles MAX_MISSILES
the maximum number of missiles to connect to.
--persistent keep attacking even after target goes down.
--gui run on the GUI mode.
usage: hulk_launcher.py client [-h] [-r ROOT_IP] [-p ROOT_PORT] [-n NUM_PROCESSES] [-s]
The Hulk Bot Launcher
options:
-h, --help show this help message
-r ROOT_IP, --root_ip ROOT_IP
IPv4 Address where Hulk Server is running.
-p ROOT_PORT, --root_port ROOT_PORT
Port where Hulk Server is running.
-n NUM_PROCESSES, --num_processes NUM_PROCESSES
Number of Processes to launch.
-s, --stealth Stealth mode.
| :warning: The intention of Hulk is to demonstrate the damage that a DDoS attack can do to a server if unprotected. |
|---|
| :bulb: Please go through the code for full details. I'm keeping it well documented and request the contributors to do so too. |
Hulk consists of 2 major and 1 optional components: - Server - Client - [Gui]
Client :space_invader:
The core part of Hulk is the
Hulk clientakaHulk.py. \ This client\bot launches a barrage ofasynchronous HTTP requeststo the target server. \ These incoming requests, put a burden on the target and makes it slow to respond. \ With the launcher script, we can launch multiple instances of Hulk usingmulti-threading. \ The target will be hit with so many requests that it will ultimately break into a500 error. \ Usually, the client completes 500 attacks and sends back the list of status messages. \ In case of special events, the client will immediately send an Interrupt message to the server. \ Example Special Events: Successful DDoS, 404 Target Not Found, etc.
Server :computer:
Hulk was originally a single instanced DoS script. However, it has been modified to be run as multiple instances. \ The cluster of many such instances is called a
botnet. And this botnet can be controlled and monitored by theServer. \ TheServerandClientcommunicate with each other through TCPWebSockets. Based on the settings, this is usally a persistent bidirectional channel. \ In case the server receivesInterruptsfrom a client, it will send out a broadcast message to all the clients, asking them to stop the attacks. \ The clients go to Standby mode and await further instructions from the server.The server can also send information to the GUI to keep a track of the botnet. \ This information is sent via Unix\Windows
Named Pipesfor low latencyIPC.
GUI :desktop_computer:
The GUI is a
NextJSweb application that is used to monitor the botnet via Named Pipes. \ When run as a binary, GUI makes use ofElectronwhich exposes the information directly to the Frontend. \ When run as a Node process, a node server listens to the Named Pipe and passes on the information to a HTTP Streaming API. \ Then the frontend will pick it up from the API usingEventSource.
| Name | Version |
|---|---|
| Hyperclaw79 | 2.0+ |
| Barry Shteiman | 1.0 |
Your chance to be first on this list. Follow the Contribution Guide and open a PR.
HULK v3 is a Python 3 compatible Asynchronous Distributed Denial of Service Script.\ Original script was created by Barry Shteiman. You can use that one if you have Python 2.
Using a GNU license cause there was no mention about any license used by Barry. Feel free to modify and share it, but leave some credits to us both and don't hold us liable.
$ claude mcp add HULK-v3 \
-- python -m otcore.mcp_server <graph>