You may have heard of Slowloris and Nkiller2 (if not check them out), but there is also david:

http://git.bogomips.org/cgit/david.git

I wasn't comfortable with announcing this two years ago when I wrote it. I'm OK now since Slowloris and Nkiller2 are similar (ok, Nkiller2 is lower-level and meaner) and attacks of this type should be well-known by now. I'm sure some folks have known about these types of attack since the 1990s, even.

I haven't touched david in over two years and don't have any desire to maintain or support it. Feel free to take and hack on it for your own testing or even make it into a real project, but please be nice and don't hurt people with it.

This is different from Slowloris in that it throttles the entire request including the POST/PUT body. Most proxies (including haproxy) don't buffer bodies before sending them on whereas nginx will buffer large ones to temporary files.

I originally wrote david to convince some friends to stick nginx in front of anything that wasn't nginx; including Apache + mod_perl|mod_php|mongrel and Tomcat setups. And it was quite convincing at the time :>

Implementation details:

* david combines fork() with select() to multiplex file descriptors and get around select() and non-privileged process FD limits.

* The defaults at the top of the davic.c file are all pretty tame, but they're all commented on and you can tweak them.

* david mmaps a raw file that is an HTTP request, some small samples are provided but you can/should generate your own large POST/PUT requests to really stress request body handling.

-- Eric Wong
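For anyone sizing server-side timeouts against the throttled-body behaviour described in the message above, here is an added example (not part of the original message and not david's code) that compares two read policies over constructed body-arrival traces: a per-read idle timer, and a deadline that only grows while the client sustains a minimum byte rate. All policy values, function names and traces are assumptions made up for illustration.

```python
# Added illustration: how long a backend worker stays tied up by a request
# body under two timeout policies. Traces and thresholds are constructed.

IDLE_TIMEOUT = 10.0    # assumed: max seconds allowed between two reads
BASE_DEADLINE = 20.0   # assumed: seconds granted before any body byte arrives
MIN_RATE = 500.0       # assumed: bytes/second the client must sustain
MAX_DEADLINE = 120.0   # assumed: hard cap on total body transfer time

# Each trace is a list of (seconds_since_body_start, bytes_received).
TRICKLE = [(5.0 * i, 1) for i in range(1, 61)]      # 1 byte every 5 s for 300 s
HONEST = [(1.0 * i, 2000) for i in range(1, 101)]   # slow but steady upload


def idle_timeout_drop(chunks, idle=IDLE_TIMEOUT):
    """Time at which a per-read idle timer closes the connection, else None."""
    last = 0.0
    for t, _ in chunks:
        if t - last > idle:
            return last + idle
        last = t
    return None


def min_rate_drop(chunks, base=BASE_DEADLINE, rate=MIN_RATE, cap=MAX_DEADLINE):
    """Time at which a minimum-rate deadline closes the connection, else None.

    The deadline starts at `base` and is extended by one second for every
    `rate` bytes received, never beyond `cap`.
    """
    deadline, received = base, 0
    for t, n in chunks:
        if t > deadline:
            return deadline
        received += n
        deadline = min(base + received / rate, cap)
    return None


def held_seconds(chunks, policy):
    """Seconds the worker is occupied: until dropped, or until the trace ends."""
    dropped_at = policy(chunks)
    return dropped_at if dropped_at is not None else chunks[-1][0]


if __name__ == "__main__":
    for name, trace in (("trickle", TRICKLE), ("honest", HONEST)):
        print(name,
              "idle-only:", held_seconds(trace, idle_timeout_drop),
              "min-rate:", round(held_seconds(trace, min_rate_drop), 3))
```

The trickling trace never trips the idle timer because every gap is shorter than the timeout, while the minimum-rate deadline closes it shortly after the base allowance; the steady upload passes both.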