1 files changed, 21 insertions, 0 deletions

diff --git a/network/slowhttptest/README b/network/slowhttptest/README
new file mode 100644
index 000000000000..9d1a6bf83a82
--- /dev/null
+++ b/network/slowhttptest/README
@@ -0,0 +1,21 @@
+SlowHTTPTest is a highly configurable tool that simulates some Application Layer Denial of Service attacks. 
+It works on majority of Linux platforms, OSX and Cygwin - a Unix-like environment and command-line interface 
+for Microsoft Windows.
+
+It implements most common low-bandwidth Application Layer DoS attacks, such as slowloris, Slow HTTP POST, 
+Slow Read attack (based on TCP persist timer exploit) by draining concurrent connections pool, as well
+as Apache Range Header attack by causing very significant memory and CPU usage on the server.
+
+Slowloris and Slow HTTP POST DoS attacks rely on the fact that the HTTP protocol, by design, requires 
+requests to be completely received by the server before they are processed. If an HTTP request is not 
+complete, or if the transfer rate is very low, the server keeps its resources busy waiting for the 
+rest of the data. If the server keeps too many resources busy, this creates a denial of service. 
+This tool is sending partial HTTP requests, trying to get denial of service from target HTTP server.
+
+Slow Read DoS attack aims the same resources as slowloris and slow POST, but instead of prolonging
+the request, it sends legitimate HTTP request and reads the response slowly. 
+
+DISCLAIMER: Keep in mind that slowhttptest is of little use as a script kiddie tool. It cannot
+be pointed blindly at arbitrary targets, like e.g. LOIC.  Rather, where it excels is in its
+breadth of attack options, high customizability and its in-depth analytics. As such, it will be
+mostly useful for server administrators trying to stress test their systems.