Saphyra iDDoS Priv8 Tool
This content has been archived
This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk
Summary
Threat details
The tool itself is a Python script which can be run on almost any device, including mobile phones. The script contains over 3,200 unique user agent strings and over 300 unique referrer field strings. This can create more than 1 million unique combinations of user agents and referrers which are sent in the form of HTTP requests to the victim’s server.
The purpose of creating unique user agent strings and referrers is to create unique requests which will likely bypass caching engines but directly impact the server load. This can result in website failure as the webserver becomes so overwhelmed with requests that it cannot service legitimate requests.
Saphyra employs a variety of techniques to make detection and attribution difficult. Obfuscation of the source client is achieved through the use of spoofed user agent strings and referrer strings. This enables the sending of incorrect referrer information in an HTTP request, which would prevent a target website from obtaining accurate data about the identity of the previous webpage visited by the attacker.
To achieve persistence, the tool uses standard HTTP methods to force the server to maintain open connections by using keep-alives with a definable time window.
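The per-request rotation of User-Agent and Referer values described above is itself a detectable signal: a real browser keeps one User-Agent for a whole session, so a source address whose distinct header values grow almost one-for-one with its request count is behaving like the tool rather than like a user. The following detection script is an added example written for this alert, not code from NHS Digital or from the tool; it runs over constructed web server access-log lines in the Apache/nginx "combined" format, and the IP addresses, thresholds and function names are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines in the "combined" log format (not real traffic).
# 203.0.113.5 rotates User-Agent and Referer on every request, as the alert describes;
# 198.51.100.7 behaves like an ordinary browser session: one User-Agent, two referers.
def _line(ip, ref, ua, n):
    return (f'{ip} - - [17/Feb/2020:11:{n:02d}:00 +0000] "GET /index.html HTTP/1.1" '
            f'200 512 "{ref}" "{ua}"')

SAMPLE_LOG = [_line("203.0.113.5", f"http://ref-{n}.example/", f"Mozilla/5.0 (UA-{n})", n)
              for n in range(12)]
SAMPLE_LOG += [_line("198.51.100.7", "http://ref-0.example/" if n % 2 else "-",
                     "Mozilla/5.0 (Windows NT 10.0) Firefox/73.0", n) for n in range(12)]

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} \S+ '
                    r'"(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$')

def parse_combined(lines):
    """Yield (ip, referer, user_agent) for every line that matches the combined format."""
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            yield m.group("ip"), m.group("ref"), m.group("ua")

def flag_header_churn(lines, min_requests=10, churn_ratio=0.8):
    """Return {ip: (requests, distinct_uas, distinct_refs)} for source addresses whose
    distinct User-Agent or Referer values, divided by their request count, reach
    churn_ratio. Ratios near 1.0 over many requests indicate per-request rotation;
    raise min_requests on networks where busy NAT gateways share one address."""
    per_ip = defaultdict(lambda: [0, set(), set()])
    for ip, ref, ua in parse_combined(lines):
        entry = per_ip[ip]
        entry[0] += 1
        entry[1].add(ua)
        entry[2].add(ref)
    flagged = {}
    for ip, (count, uas, refs) in per_ip.items():
        if count < min_requests:
            continue  # too few requests to judge churn
        if len(uas) / count >= churn_ratio or len(refs) / count >= churn_ratio:
            flagged[ip] = (count, len(uas), len(refs))
    return flagged

if __name__ == "__main__":
    for ip, (count, uas, refs) in flag_header_churn(SAMPLE_LOG).items():
        print(f"{ip}: {count} requests, {uas} user agents, {refs} referers")
```

Run against a real log, this flags only the rotating source; the steady browser session stays below the threshold even though it alternates between two referer values.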
The user interface of the tool boasts an affiliation with over 1.8 million bots. If this statement is true then the tool would be capable of launching significant attacks.
Remediation steps
Last edited: 17 February 2020 11:38 am