Welcome to WithAName!

If you see this page, you are at the right place to find details about the DDoSia configuration.

What is DDoSia ?

DDoSia is a specialized toolkit crafted by the hacker collective NoName057(16) explicitly for executing DDoS (Distributed Denial of Service) attacks, primarily targeting nations critical of the Russian invasion of Ukraine.

Initially coded in Python, DDoSia used CPU threads to launch a lot of network requests simultaneously. However, due to its inefficiency, the hackers transitioned to using Go. The updated Go versions seem to function seamlessly across various platforms, with variants tailored for major operating systems such as Windows, MacOS, Linux, and Android having been identified. The group remains actively engaged in refining the project to maximize the effectiveness of their attacks and preemptively counter any potential defensive measures.

The setup features dynamic configuration, hosted on a Command and Control (C2) server, with only the initial level publicly disclosed. Updates occur with varying frequency, but consistently at least once daily.

For more details please find articles: Malpedia

Why this website ?

Because sharing is caring ;-)

Yes this is free and when a new configuration is detected we added it in near realtime. The configuration is in JSON format but we also provide a CSV file lighter with key elements.

No we will not notify you, but feel free to monitor the data section or to follow us on Mastodon !

Configuration structure

The configuration is splited in 2 parts "targets" and "randoms"

"targets" contains all targets and the associated rules. The same domain, hostname can appears multiple times but with differents attacks rules.

        {
           "target_id": "target id",
           "request_id": "request id",
           "host": "hostname to attack",
           "ip": "ip of the hostname",
           "type": "http|http2|http3|nginx_loris|tcp|type|udp",
           "method": "|ack|GET|method|PING|POST|syn|SYN|syn_ack|udp_flood",
           "port": Port selected,
           "use_ssl": true|false,
           "path": "Url to attack",
           "body": {
               "type": "|str",
               "value": "Parameter to use for GET request"
           },
           "headers": null|"string to user in headers fields http"
       }


"randoms" is a list of rules used to generated random strings in targets rules. Each $_* in target rules have to be replaced by the output of the linked "randoms" field.

        {
           "name": "Name of the rule",
           "id": "id of the rule",
           "digit": true|false,
           "upper": true|false,
           "lower": true|false,
           "min": minimum length,
           "max": maximum legnth
       }

List of User-Agent used

The following User-Agent are used with the version 41 of DDoSia