Organizations that may be targets of denial of service (DoS) attacks (and today, what organization is not?) need tools to check how well their countermeasures protect them. Acri Emanuele, a programmer and penetration tester for the Italian company Gerix.IT, first built Complemento as an exercise in the study of the TCP/IP stack. Over time it evolved and became a set of pen testing tools whose latest version was released this week. “Now I use it at work,” Emanuele says.
Complemento, and in particular its LetDown component, is a TCP stresser. TCP stress tests are difficult to perform without a tool like this. Emanuele says LetDown implements a “raw” TCP stack to run TCP connections in userland, which is useful when you want to know what resistance your systems offer to DoS attacks – not merely against a SYN flood, but against complete connections (three-way handshake plus data). LetDown also supports “payloads” written in Python, which let you script and test complex connections over raw sockets. The suite employs open source libraries such as libcurl and libpcap.
For the next release, Emanuele says he hopes to increase the stability of the tools and to improve integration with Linux distributions, especially BackTrack, the widely used Linux security and forensic distribution that he helps develop. But he’s currently very busy, he says, and “I do not think that development will continue very fast.”