DDoS scripts are the software that permit the execution of DDoS attacks. They vary widely in their ease of use, motivation and potential range of impact. They can be broken broadly into several different types, according to their raison d’etre and what they program computers to perform.
The most common programming languages used to write DDoS scripts are Python, Perl and PHP.
Some DDoS scripts are written by white hat hackers as Proof of Concept (PoC) for a vulnerability to illustrate how another DDoS attack works to help mitigate them in the future. Unfortunately, these scripts once made available, are often repurposed for malicious intent.
In addition, DDoS scripts can be used as load testing tools before the launch of a website to estimate its limitations and capacity threshold; for example, the ApacheBench tool, which sends HTTP requests to a server to test how much traffic it can handle. These are also often later repurposed for DDoS attacks.
Primarily DDoS scripts are created by black hat hackers, however. They can be broken into scripts that can be executed from a single device and DDoS toolkits – software packages which infect numerous connected devices, which are then used as a botnet in future DDoS attacks.
DoS and DDoS scripts that can be run from a single device are often authored by hobby or inexperienced hackers as they are relatively easy to execute compared to a DDoS Toolkit. They are often driven by personal rivalry, hacktivism or sheer vandalism. They typically attack the application layer, and pose less of a threat to organizations than attacks driven by DDoS Toolkits.
An amateur hacker is also known as a “script kiddie”. It is relatively easy for a script kiddie to download DoS attack tools, and copy and paste professional attack scripts to go after a target. Script kiddies are often looked down on by the hacker community. While their attacks are often merely attention-seeking and limited in impact level, they still have the capacity to take down a mid-sized website. Most websites can’t handle more than 50-100 additional requests per second. A popular DoS tool like LOIC can generate dozens of requests each second.