ddosify - a high-performance load testing tool, written in Golang

Ddosify - High-performance load testing tool quick start


✔️ Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way.

✔️ Scenario-Based - Create your flow in a JSON file. Without a line of code!

✔️ Different Load Types - Test your system's limits across different load types.


ddosify is available via DockerHomebrew Tap, and downloadable pre-compiled binaries from the releases page for macOS, Linux and Windows.


docker run -it --rm ddosify/ddosify

Homebrew Tap (macOS and Linux)

brew install ddosify/tap/ddosify

apk, deb, rpm packages

# For Redhat based (Fedora, CentOS, RHEL, etc.)
rpm -i https://github.com/ddosify/ddosify/releases/download/v0.1.1/ddosify_amd64.rpm

# For Debian based (Ubuntu, Linux Mint, etc.)
wget https://github.com/ddosify/ddosify/releases/download/v0.1.1/ddosify_amd64.deb
dpkg -i ddosify_amd64.deb

# For Alpine
wget https://github.com/ddosify/ddosify/releases/download/v0.1.1/ddosify_amd64.apk
apk add --allow-untrusted ddosify_amd64.apk

Using the convenience script (macOS and Linux)

  • The script requires root or sudo privileges to move ddosify binary to /usr/local/bin.
  • The script attempts to detect your operating system (macOS or Linux) and architecture (arm64, x86, amd64) to download the appropriate binary from the releases page.
  • By default, the script installs the latest version of ddosify.
  • If you have problems, check common issues
  • Required packages: curl and sudo
curl -sSfL https://raw.githubusercontent.com/ddosify/ddosify/master/scripts/install.sh | sh

Go install from source (macOS, Linux, Windows)

go install -v go.ddosify.com/[email protected]

Easy Start

This section aims to show you how to use Ddosify without deep dive into its details easily.

  1. Simple load test

     ddosify -t target_site.com

    The above command runs a load test with the default value that is 100 requests in 10 seconds.

  2. Using some of the features

     ddosify -t target_site.com -n 1000 -d 20 -p HTTPS -m PUT -T 7 -P http://proxy_server.com:80

    Ddosify sends a total of 1000 PUT requests to https://target_site.com over proxy http://proxy_server.com:80 in 20 seconds with a timeout of 7 seconds per request.

  3. Scenario based load test

     ddosify -config config_examples/config.json

    Ddosify first sends HTTP/2 POST request to https://test_site1.com/endpoint_1 using basic auth credentials test_user:12345 over proxy http://proxy_host.com:proxy_port and with a timeout of 3 seconds. Once the response is received, HTTPS GET request will be sent to https://test_site1.com/endpoint_2 along with the payload included in config_examples/payload.txt file with a timeout of 2 seconds. This flow will be repeated 20 times in 5 seconds and response will be written to stdout.


You can configure your load test by the CLI options or a config file. Config file supports more features than the CLI. For example, you can't create a scenario-based load test with CLI options.

CLI Flags

ddosify [FLAG]
-tTarget website URL. Example: https://ddosify.comstring-Yes
-nTotal request countint100No
-dTest duration in seconds.int10No
-pProtocol of the request. Supported protocols are HTTP, HTTPS. HTTP/2 support is only available by using a config file as described. More protocols will be added.stringHTTPSNo
-mRequest method. Available methods for HTTP(s) are GET, POST, PUT, DELETE, UPDATE, PATCHstringGETNo
-bThe payload of the network packet. AKA body for the HTTP.string-No
-aBasic authentication. Usage: -a username:passwordstring-No
-hHeaders of the request. You can provide multiple headers with multiple -h flag.string-No
-TTimeout of the request in seconds.int5No
-PProxy address as host:port. -P http://user:[email protected]_host.com:port'string-No
-oTest result output destination. Other output types will be added.stringstdoutNo
-lType of the load test. Ddosify supports 3 load types.stringlinearNo
-configConfig File of the load test.string-No
-versionPrints version, git commit, built date (utc), go information and quit--No

Load Types


ddosify -t target_site.com -l linear


linear load

Note: If the request count is too low for the given duration, the test might be finished earlier than you expect.


ddosify -t target_site.com -l incremental


incremental load


ddosify -t target_site.com -l waved


waved load

Config File

Config file lets you use all capabilities of Ddosify.

The features you can use by config file;

  • Scenario creation
  • Payload from a file
  • Extra connection configuration, like keep-alive enable/disable logic
  • HTTP2 support


ddosify -config <json_config_path>

There is an example config file at config_examples/config.json. This file contains all of the parameters you can use. Details of each parameter;

  • request_count optional

    This is the equivalent of the -n flag. The difference is that if you have multiple steps in your scenario, this value represents the iteration count of the steps.

  • load_type optional

    This is the equivalent of the -l flag.

  • duration optional

    This is the equivalent of the -d flag.

  • proxy optional

    This is the equivalent of the -P flag.

  • output optional

    This is the equivalent of the -o flag.

  • steps mandatory

    This parameter lets you create your scenario. Ddosify runs the provided steps, respectively. For the given example file step id: 2 will be executed immediately after the response of step id: 1 is received. The order of the execution is the same as the order of the steps in the config file.

    Details of each parameter for a step;

    • id mandatory

      Each step must have a unique integer id.

    • url mandatory

      This is the equivalent of the -t flag.

    • protocol optional

      This is the equivalent of the -p flag.

    • method optional

      This is the equivalent of the -m flag.

    • headers optional

      List of headers with key:value format.

    • payload optional

      This is the equivalent of the -b flag.

    • payload_file optional

      If you need a long payload, we suggest using this parameter instead of payload.

    • auth optional

      Basic authentication.

      "auth": {
          "username": "test_user",
          "password": "12345"
    • others optional

      This parameter accepts dynamic key: value pairs to configure connection details of the protocol in use.

      "others": {
          "keep-alive": true,              // Default false
          "disable-compression": false,    // Default true
          "h2": true,                      // Enables HTTP/2. Default false.
          "disable-redirect": true         // Default false

Common Issues

macOS Security Issue

"ddosify" can’t be opened because Apple cannot check it for malicious software.
  • Open /usr/local/bin
  • Right click ddosify and select Open
  • Select Open
  • Close the opened terminal


You can join our Discord Server for issues, feature requests, feedbacks or anything else.


This repository includes the single-node version of the Ddosify Loader. Ddosify Cloud will be available soon. It will support multi-location based distributed load testing and more features.

Join the waitlist: https://ddosify.com


Licensed under the AGPLv3: https://www.gnu.org/licenses/agpl-3.0.html

November 9, 2021
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013
Join our newsletter and receive for FREE, our premium edition “Brute Force and Supply Chain Attacks”