DDoS attack tools
| Attack | Description | DDoS condition |
| Attack tools and worms | ||
| Trinoo (UDP Floods) | Bandwidth depletion through coordinated UDP flood via a buffer overflow exploit | |
| Trinity | Launches UDP flood, fragment flood, SYN flood, RST flood, random flags flood, ack flood, establish flood and null flood | End-point resource exhaustion Link congestion |
| TFN | Launches ICMP flood, SYN flood, UDP flood, and Smurf style attacks | Link congestion End-point resource exhaustion |
| Targa | Sends malformed IP packets with invalid fragmentation, protocol, packet size, header values, options, offsets, tcp segments, routing flags, and other unknown/unexpected packet values | End-point crash |
| TFN2K | Besides TFN Flooding, TFN2K includes Teardrop and Land attacks that cause end point crashes. | Link congestion End-point resource exhaustion End-point crash |
| Stacheldraht | Link congestion | |
| Shaft | UDP, TCP SYN, and ICMP flooding | Link congestion |
| Mstream | TCP ACK floods | End-point resource exhaustion (CPU) |
| W-Code Red | Exploits a buffer overflow vulnerability in IIS web servers | End-point crashes due to too excessive number of threads flood of whitehouse-gov Link congestion End-point resource exhaustion (CPU, memory) End-point crash |
| Nimda | Exploits vulnerability in IIS Web servers | Link congestion End-point corruption |
| SQL Slammer | Exploits a buffer overflow vulnerability | Flooding route instability End-point crashes |
| Agobot | Spreads in multiple ways, opens backdoors, shuts down communication services. It can launch HTTP flood, UDP flood, SYN flood and Ping flood. | Link congestion End-point resource exhaustion |