Skip to content
/ turtle Public

🐒 Turtle is a toolkit for simulating and validating application layer denial-of-service attacks in both live and unit testing environments.

License

Notifications You must be signed in to change notification settings

b4fun/turtle

Repository files navigation

🐒 Turtle is a toolkit for simulating and validating application layer denial-of-service attacks in both live and unit testing environments.

Github release GoDoc

🚨 Disclaimer

Important: The use of this program for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to comply with all applicable local, state, and federal laws. The developers assume no liability and are not responsible for any misuse or damage caused by this program.

🎯 Why Use Turtle?

Exposing an application to the public internet is fraught with risks due to various types of denial-of-service attacks, such as:

While some applications may have well-configured settings that render them invulnerable to these attacks, others, such as those built with popular languages like Golang, might be vulnerable by default. Turtle provides an easy way to validate your application against these common threats to identify risks.

Furthermore, an application that is secure today may become vulnerable due to future changes. Therefore, integrating these attack simulations into your regular validation process is crucial.

πŸ›  Features

Turtle provides:

  • A Command-Line Interface (CLI) for validating real endpoints
  • A Golang library for easy integration into unit/integration tests

Supported Scenarios

Turtle current supports the following scenarios:

πŸš€ Getting Started

Turtle CLI

You can install the CLI tool via:

go install github.com/b4fun/turtle/cmd/turtle@latest

Or download a release binary from the GitHub Release page.

Using Turtle CLI

The turtle CLI embeds supported scenarios as sub-commands. A common way to invoke a scenario test:

$ turtle <scenario-name> <target-url>

Further details can be obtained by viewing the command's help message:

$ turtle -h
# Scenario specified help
$ turtle slowloris -h

To learn more, please checkout one of the following guides:

Turtle Golang Library

For the Golang library, documentation can be found on GoDoc.

πŸ“œ LICENSE

Turtle is distributed under the MIT license

About

🐒 Turtle is a toolkit for simulating and validating application layer denial-of-service attacks in both live and unit testing environments.

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages