UFONet is an open redirect DDoS tool designed to launch attacks against a target, using insecure redirects in third party web applications, like a botnet. Obviously, only for testing purposes.
The tool abuses OSI Layer 7-HTTP to create/manage ‘zombies’ and to conduct different attacks using; GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.
Definition of an “Open Redirect”:
An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials. Because the server name in the modified link is identical to the original site, phishing attempts have a more trustworthy appearance.
From: CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’)
—version show program‘s version number and exit
-h, –help show this help message and exit
-v, –verbose active verbose on requests
–update check for latest stable version
–check-tor check to see if Tor is used properly
–force-yes set ‘YES‘ to all questions
–disableisup disable external check of target’sstatus