This DDoS Attack... 398 million requests per second. (A demo of HTTP/2 Rapid Reset)

  10,993 views

Grant Collins

1 day ago

398 Million Requests Per Second. 155 Million Requests Per Second. 201 Million Requests Per Second. Dem packets be flyin'. In this video, I explore and demo CVE-2023-44487, the novel HTTP/2 Rapid Reset Attack zero-day. A feature rather than an inherent bug.
⏰ Timestamps:
0:00 - Introduction
0:41 - Background Information
1:38 - HTTP/2 vs HTTP/1.1
4:27 - Demo (DDoS Apache2 Web Server)
10:11 - Mitigations
11:17 - Conclusion
🔗 Links Mentioned:
- Rapid Reset Client (PoC): github.com/secengjeff/rapidre...
- New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records: www.bleepingcomputer.com/news...
- How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack: cloud.google.com/blog/product...
- HTTP/2 and How it Works (A good primer on differences between HTTP/1.1 vs HTTP/2): / http-2-and-how-it-works
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / _collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): amzn.to/3S9OxvG
💻 Cybersecurity PC Build Parts
[Processor] Intel Core i7-13700K 3.4 GHz 16-Core Processor: amzn.to/3OlTTUK
[Graphics Card] Asus DUAL OC GeForce RTX 3060 Ti 8 GB Video Card: amzn.to/3OE0bkd
[AIO Cooler] Corsair iCUE H100i RGB ELITE 65.57 CFM Liquid CPU Cooler: amzn.to/3DEUUT9
[Motherboard] MSI PRO Z690-A WIFI DDR4 ATX LGA1700 Motherboard: amzn.to/3Ol9La8
[RAM](2x) Corsair Vengeance LPX 64 GB (2 x 32 GB) DDR4-3200 CL16 Memory: amzn.to/3OlsgeM
[HDD] Seagate IronWolf NAS 8 TB 3.5" 7200 RPM Internal Hard Drive: amzn.to/3DFdc6K
[SSD] Samsung 980 Pro 2 TB M.2-2280 PCIe 4.0 X4 NVME Solid State Drive: amzn.to/3KpTnnQ
[Case] Corsair 5000D AIRFLOW ATX Mid Tower Case: amzn.to/44Rjaxf
[Power Supply] Corsair RM850x (2021) 850 W 80+ Gold Certified Fully Modular ATX Power Supply: amzn.to/478wC1r
[Fans] Corsair iCUE SP120 RGB ELITE 47.7 CFM 120 mm Fans 3-Pack: amzn.to/44R4myD

Comments: 15
@AbusedHerJaw 6 months ago
Hey Grant, I just recently came across your videos and I just wanted to say that you're awesome bro, keep putting out these good informational videos.
@collinsinfosec 6 months ago
Hey - happy to help!
@adisafwan5505 6 months ago
Great sharing!
@filly-vg7mz 6 months ago
👍👍👍
@guilherme5094 6 months ago
👍
@machina123 5 months ago
Add one more thing: DDoS'ers' favorite thing is also a dark room with a big headset. 8:45 Why not try running it on a low-powered VM? It would use the resources which you have given to it, so the illustration might be better.
@Epix__Productionz_ 6 months ago
Very cute xd
@Epix__Productionz_ 6 months ago
I'll watch later when I have time, I just wanted to say this is a cute vid xd
@collinsinfosec 6 months ago
I hope you enjoy the video!
@thebello809 5 months ago
This is nothing to a well-structured firewall 😂
@yakshpasawala1692 6 months ago
Why do you use Firefox? Is it better?
@collinsinfosec 6 months ago
I enjoy Firefox, it's got a great UI and a good balance between privacy / convenience.
@elmehdiezziar 5 months ago
Brave better 😎
@Fifasher2K 2 months ago
@elmehdiezziar Brave is Chrome