HOIC – High Orbit Ion Cannon

Recently, a new DDOS attack tool was introduced dubbed as HOIC – High Orbit Ion Cannon.

Although developed for testing purposes (according to the developer disclaimer)this tool is evidently used maliciously in the wild.

HOIC is running as windows executables and has GUI control.

he attackercan choose betweentwo setup options, he can either manually:

  • Add the target URLs
  • Set the attack power (request per second)

Or he can download a configuration script (Booster) which will automatically setthe targets and the attack parameters; the booster script is delivered as VB script.

Once the targets are set,the attackernow needs to adjust the number of threads the attack will use if he is willing to give it extra power.

HOIC is in some way a subset of LOIC,supporting HTTP floods only with thelittle twist of booster scripts support.

Unlike LOIC, HOIC can attack withsome level of randomization, when using booster scripts, HOIC can be configured to rotate overseveral predefined headers like: ‘user-agent’, ‘referrer’, ‘If-Modified-Since’and more.

Booster scripts are being published over the web through web sites like pastebin.com, annonpaste.com and others.