           SPELL=slowhttptest
         VERSION=1.6
          SOURCE=$SPELL-$VERSION.tar.gz
SOURCE_DIRECTORY="$BUILD_DIRECTORY/$SPELL-$VERSION"
   SOURCE_URL[0]=http://slowhttptest.googlecode.com/files/$SOURCE
     SOURCE_HASH=sha512:34360be27120f5922f68f25690d10d7c2e352c99cdc0224a5de5ad935d00b5e0b79ab9f80dd772fab098767acc1bdba41f7279470e75cd9dba9cf4f6aed28774
        WEB_SITE=http://code.google.com/p/slowhttptest/
     GATHER_DOCS=off
      LICENSE[0]=APACHE
         ENTERED=20120427
        KEYWORDS="net"
           SHORT="application layer DoS attack simulator"
cat << EOF
SlowHTTPTest is a highly configurable tool that simulates some Application Layer
Denial of Service attacks.

It implements most common low-bandwidth Application Layer DoS attacks, such as
slowloris, Slow HTTP POST, Slow Read attack (based on TCP persist timer exploit)
by draining concurrent connections pool, as well as Apache Range Header attack
by causing very significant memory and CPU usage on the server.

Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP
protocol, by design, requires requests to be completely received by the server
before they are processed. If an HTTP request is not complete, or if the
transfer rate is very low, the server keeps its resources busy waiting for the
rest of the data.
If the server keeps too many resources busy, this creates a denial of service.
This tool is sending partial HTTP requests, trying to get denial of service from
target HTTP server.

Slow Read DoS attack aims the same resources as slowloris and slow POST, but
instead of prolonging the request, it sends legitimate HTTP request and reads
the response slowly.
EOF
