Pyloris DoS attack tool

Hosted by


PyLoris is a scriptable tool for testing a service’s level of vulnerability to a particular class of Denial of Service (DoS) attack. Any service that places restrictions on the total number of simultaneous TCP connections has the potential for vulnerability to PyLoris. Additionally, services that handle connections in independent threads, services that poorly manage concurrent connections, and services that have high memory footprint per connection are prone to this form of vulnerability.

PyLoris uses the Slowloris method originally described by RSnake: by creating a large number of full TCP connections and keeping them open, services will soon hit the upper limit of the number of maintained connections. Unlike traditional DoS attacks, this is a direct attack on a service, not the hardware. The primary source of problem in a PyLoris attack is artificial constraints placed on the software, not hardware inadequacies.


Pyloris HTTP DoS official website