CVE-2023-44487

This Python script exploits CVE-2023-44487 (HTTP/2 Rapid Reset vulnerability) by rapidly creating and resetting HTTP/2 streams to trigger a denial-of-service condition. It uses the h2 library to establish an HTTP/2 connection and measures the server's response to the attack.

This repository contains a Python-based scanner that checks for potential vulnerability to CVE-2023-44487 by testing HTTP/2 support and stream reset capabilities. It does not exploit the vulnerability but detects conditions that may indicate susceptibility.

This repository contains a functional Go-based tool that demonstrates CVE-2023-44487, a Rapid Reset DDoS attack vector in HTTP/2. It establishes an HTTP/2 connection, sends rapid HEADERS frames followed by RST_STREAM frames, and monitors server responses.

This repository contains a functional proof-of-concept exploit for CVE-2023-44487, the HTTP/2 Rapid Reset vulnerability. The exploit uses Python to create multiple threads that establish HTTP/2 connections and rapidly cancel streams, leading to a denial-of-service condition.

This repository contains a functional Python-based exploit for CVE-2023-44487, the HTTP/2 Rapid Reset vulnerability. It uses Twisted and h2 libraries to open multiple streams and reset them rapidly, causing a denial-of-service condition on vulnerable servers.

This repository contains functional exploit code for CVE-2023-44487 (HTTP/2 Rapid Reset), demonstrating the attack by sending a large number of HTTP/2 requests followed by immediate RST_STREAM frames to bypass MAX_CONCURRENT_STREAMS limits. The examples include both GET and POST request variants, with the latter using threading for amplified impact.

This repository provides a Python-based scanner to detect CVE-2023-44487 (HTTP/2 Rapid Reset vulnerability) by checking HTTP/2 support and sending RST_STREAM frames. It includes features for bulk testing, custom ports, and output formatting.

This repository contains a functional Go-based tool that exploits CVE-2023-44487, an HTTP/2 protocol vulnerability allowing DoS via rapid RST_STREAM frame abuse. The tool sends HEADERS frames followed by RST_STREAM frames to bypass concurrent stream limits, with configurable parameters for testing server resilience.

This repository contains a functional Python-based proof-of-concept for CVE-2023-44487, the HTTP/2 Rapid Reset attack. The exploit opens HTTP/2 streams with HEADERS frames and immediately resets them with RST_STREAM, causing server resource exhaustion without hitting the max concurrent streams limit.

This repository contains a functional Go-based proof-of-concept for CVE-2023-44487, demonstrating the HTTP/2 Rapid Reset vulnerability. It includes an attacker script that sends a high volume of HEADERS and RST_STREAM frames to test against various server configurations (Go HTTP/2, gRPC, reverse proxy, and Nginx).

This repository demonstrates CVE-2023-44487, an HTTP/2 Rapid Reset DoS vulnerability, using a Golang-based exploit tool. It includes setup instructions, detection via Webmin, and mitigation using IPTables.

This repository contains a functional Python-based PoC for CVE-2023-44487, the HTTP/2 Rapid Reset vulnerability, which exploits a DoS condition by rapidly opening and resetting HTTP/2 streams. The PoC uses the `hyper` library to craft malicious HTTP/2 requests and includes both probe and bruteforce modes to test target servers.

This repository contains a functional proof-of-concept for CVE-2023-44487, demonstrating HTTP/2 vulnerabilities including Slowloris, Rapid Reset, and Header Flood attacks. It includes both a vulnerable server and a hardened server to compare defenses.

This repository provides a functional test lab for CVE-2023-44487 (HTTP/2 Rapid Reset vulnerability), including Docker containers for vulnerable and patched versions of Nginx and Apache, along with a scanner to detect the vulnerability. It demonstrates the exploit by simulating rapid reset pressure and comparing server responses.

This repository contains a functional Python-based proof-of-concept exploit for CVE-2023-44487 (HTTP/2 Rapid Reset vulnerability). The script establishes a TLS connection with ALPN 'h2', sends a series of HEADERS frames followed by RST_STREAM frames to trigger the vulnerability, and monitors server responses for GOAWAY frames.

This repository contains a functional PoC for CVE-2023-44487, demonstrating the HTTP/2 Rapid Reset vulnerability by sending a high volume of RST_STREAM frames to overwhelm the target server. The attack is implemented in Python using the h2 library and is containerized with Docker for easy deployment.

This repository contains a Rust-based HTTP/2 stress testing framework with functional exploit code for CVE-2023-44487 (Rapid Reset attack) and other HTTP/2 vulnerabilities. The code includes attack modules that operate at the raw HTTP/2 frame level, demonstrating the vulnerability through crafted frame sequences.

Phoenix is a Rust-based HTTP/2 stress testing framework with functional exploit code for CVE-2023-44487 (Rapid Reset) and other HTTP/2 attacks. It includes raw frame-level implementations and attack modules for various HTTP/2 vulnerabilities.

This repository contains a functional proof-of-concept for CVE-2023-44487, demonstrating the HTTP/2 Rapid Reset DoS attack. It includes a Go-based attacker tool that establishes multiple HTTP/2 connections, sends rapid HEADERS and RST_STREAM frames to overwhelm the target server, and a Dockerized environment to simulate the attack scenario.

The repository contains no actual exploit code or technical details about CVE-2023-44487. Instead, it is filled with vague marketing language, legal disclaimers, and self-aggrandizing descriptions of the author's purported expertise.

This repository contains a functional Proof of Concept (PoC) for CVE-2023-44487, demonstrating the HTTP/2 Rapid Reset Attack. The exploit code includes a script that rapidly opens and resets HTTP/2 streams to overload a target server, along with a Slowloris attack for HTTP/1.1 and a latency monitoring tool.

This repository contains functional Python scripts demonstrating CVE-2023-44487, an HTTP/2 Rapid Reset vulnerability. The code includes multiple attack patterns and granular configuration options for testing the DoS vulnerability.

This repository contains a functional Python script that performs an HTTP/2 flood attack against a target URL, leveraging CVE-2023-44487 (HTTP/2 Rapid Reset vulnerability). The script uses asyncio and httpx to send a high volume of requests with configurable concurrency and total request count.

This repository contains a functional Python-based PoC for CVE-2023-44487, a HTTP/2 Rapid Reset DDoS vulnerability. The script implements a minimal HTTP/2 client that sends rapid HEADERS followed by RST_STREAM frames to test for vulnerability exposure.

The repository contains only a minimal README with the CVE identifier and no exploit code, technical details, or functional content.

This repository contains a functional Go-based exploit for CVE-2023-44487, which targets an HTTP/2 vulnerability by sending crafted HEADERS and RST_STREAM frames to trigger a denial-of-service (DoS) condition. The exploit includes both client (main.go) and server (server.go) components for testing.

This PoC exploits CVE-2023-44487 (HTTP/2 Rapid Reset) by rapidly initiating and canceling HTTP/2 streams to trigger a denial-of-service condition. It uses Python with the h2 library to send multiple concurrent requests with stream resets.

The repository contains a C++ tool that scans for HTTP/2 support and checks for potential vulnerability to CVE-2023-44487 by sending RST_STREAM frames. It logs results to a CSV file but lacks the actual exploit payload or detailed vulnerability analysis.

This repository contains a functional Go-based HTTP/S stress testing tool that includes an implementation of the HTTP/2 Rapid Reset attack (CVE-2023-44487). The tool supports multiple attack vectors, including the specific exploit for the vulnerability, with configurable workers and proxy support.

This repository contains a functional proof-of-concept exploit for CVE-2023-44487, the HTTP/2 Rapid Reset vulnerability. The exploit uses Python to create multiple threads that establish HTTP/2 connections and rapidly cancel streams, leading to a denial-of-service condition.