ANST delivers 60 powerful hping3-based attacks (ICMP/TCP/UDP) across 5 categories: BASIC → HYPER‑AGGRESSIVE. Features verbose live output, interactive menu, and smart one‑time dependency install. Perfect for authorised network stress‑testing, firewall validation, and educational security research.
ANST is a powerful, educational network security testing framework built on hping3.
It provides 60 meticulously crafted attack vectors – from basic reconnaissance to hyper‑aggressive stress tests – all in one interactive, cyberpunk‑style dashboard.
⚠️ For authorised security testing only. Never use against systems you do not own or have explicit permission to test.
- All‑in‑One – 60 attacks covering ICMP, TCP, UDP, fragmentation, spoofing, floods, and more.
- Verbose & Visual – Every attack runs with
-V(verbose) and streams live output in real‑time. - Interactive Dashboard – Browse attacks by category (Basic → Hyper‑Aggressive) or pick any from the full list.
- Smart Dependency Management – Installs
hping3,nala,tsuonly once – skip on subsequent runs. - Cinematic Experience – Loading spinner, 3‑2‑1 countdown, and Optimus‑Prime themed banner.
| # | Name | Category | What It Does (Brief) |
|---|---|---|---|
| 1 | ICMP Echo Request (Ping Sweep) | BASIC | Checks live hosts via ICMP replies. |
| 2 | TCP SYN Port Scan (Port 80) | BASIC | Probes HTTP service availability. |
| 3 | TCP SYN Port Range Sweep | BASIC | Enumerates open ports 1‑3000. |
| 4 | UDP DNS Probe | BASIC | Tests DNS resolver responsiveness. |
| 5 | Count‑Limited Ping | BASIC | Sends exactly 5 ICMP echoes; minimal footprint. |
| 6 | Slow‑Rate Interval Scan | BASIC | 2‑second interval to evade rate‑limiting. |
| 7 | TCP SYN to HTTPS (Port 443) | BASIC | Checks SSL/TLS service. |
| 8 | Source Port Spoofing | BASIC | Bypasses ACLs filtering by destination only. |
| 9 | Small Payload Latency Probe | BASIC | Measures RTT with 100‑byte packets. |
| 10 | TTL Manipulation Scan | BASIC | Discovers network hops via TTL expiry. |
| 11 | Router ICMP Liveness Check | BASIC | Verifies gateway reachability. |
| 12 | Router Web Admin Port Discovery | BASIC | Detects exposed router admin (HTTP/HTTPS). |
| 13 | Verbose SYN Scan | MEDIUM | Debugs handshakes with detailed flag output. |
| 14 | TCP FIN Stealth Scan | MEDIUM | Bypasses stateless firewalls using FIN packets. |
| 15 | TCP ACK Firewall Mapping Scan | MEDIUM | Distinguishes stateful vs stateless firewalls. |
| 16 | TCP XMAS Tree Scan | MEDIUM | Evades old IDS with all flags set. |
| 17 | UDP Application Fuzzing | MEDIUM | Sends oversized DNS payloads to test buffer handling. |
| 18 | IP Source Address Spoofing | MEDIUM | Tests ingress filtering (BCP38). |
| 19 | TOS Manipulation | MEDIUM | Checks QoS policies by altering TOS field. |
| 20 | IP Fragmentation Bypass Scan | MEDIUM | Bypasses ACLs that inspect only the first fragment. |
| 21 | DF MTU Probe | MEDIUM | Discovers Path MTU with Don’t‑Fragment flag. |
| 22 | ICMP Traceroute | MEDIUM | Maps each hop using ICMP Time Exceeded. |
| 23 | Router Stateful Firewall Test (ACK) | MEDIUM | Tests if router tracks connection state. |
| 24 | Router Web Admin Moderate Stress Test | MEDIUM | 500 SYN to port 80 at 1000µs – checks resilience. |
| 25 | TCP‑Based Traceroute | ADVANCED | Traceroute when ICMP is blocked. |
| 26 | Path MTU Discovery Attack | ADVANCED | Forces ICMP “Frag Needed” replies. |
| 27 | Firewalking (TTL=1 ACL Audit) | ADVANCED | Probes firewall rules one hop away. |
| 28 | Randomized Source IP Flood (Baseline) | ADVANCED | Tests source‑based filtering effectiveness. |
| 29 | TCP Window Size Manipulation | ADVANCED | Tests non‑standard window size handling. |
| 30 | TCP Sequence Number Prediction | ADVANCED | Checks ISN predictability (session hijack risk). |
| 31 | Fragment Offset Manipulation | ADVANCED | Overlapping fragments – can crash old kernels. |
| 32 | Loose Source Routing (LSRR) Exploit | ADVANCED | Exploits weak routing to redirect traffic. |
| 33 | Strict Source Routing (SSRR) Exploit | ADVANCED | Forces exact path for traffic. |
| 34 | RAW IP Protocol Fuzzing (Layer 3) | ADVANCED | Sends malformed IP packets (protocol 6) – may panic. |
| 35 | WiFi TCP Traceroute to Gateway | ADVANCED | Maps internal WiFi infrastructure. |
| 36 | Targeted WiFi Client SYN DoS | ADVANCED | Floods a single client – kicks it offline. |
| 37 | Classic SYN Flood | AGGRESSIVE | Exhausts half‑open connection queue. |
| 38 | SYN Flood with Random Spoofed Sources | AGGRESSIVE | Harder to mitigate; hides real source. |
| 39 | UDP Flood (Bandwidth Saturation) | AGGRESSIVE | Saturates network link with UDP traffic. |
| 40 | ICMP Flood (Ping Flood) | AGGRESSIVE | Overwhelms CPU with ICMP storms. |
| 41 | TCP ACK Flood (State Table Exhaustion) | AGGRESSIVE | Fills firewall connection tracking table. |
| 42 | TCP FIN Flood (Invalid Flag Stress) | AGGRESSIVE | High‑rate FIN packets cause CPU spikes. |
| 43 | TCP RST Flood (Session Reset Abuse) | AGGRESSIVE | Aborts active connections with RST storms. |
| 44 | XMAS Tree Flood (All Flags Set) | AGGRESSIVE | Flood of all TCP flags – IDS may alert or crash. |
| 45 | Spoofed SSH SYN Flood (Fail2ban Test) | AGGRESSIVE | Tests fail2ban thresholds on SSH port. |
| 46 | High‑Speed SYN Flood (100+ PPS) | AGGRESSIVE | Sustained moderate load to measure performance. |
| 47 | Router Full‑Port SYN Exhaustion | AGGRESSIVE | Floods all ports on router – may hang the device. |
| 48 | WiFi Client Spoofed UDP Flood (DNS Amp Sim) | AGGRESSIVE | Simulates DNS amplification against a single client. |
| 49 | Multi‑Protocol SYN+UDP Simultaneous Flood | HYPER‑AGGRESSIVE | Combined SYN and UDP – overwhelms both CPU and network. |
| 50 | Fragmented SYN Flood (DPI Bypass) | HYPER‑AGGRESSIVE | Bypasses Deep Packet Inspection. |
| 51 | Large‑Packet SYN Flood (Bandwidth+Conn) | HYPER‑AGGRESSIVE | 1400‑byte SYNs – bandwidth + connection exhaustion. |
| 52 | Reflection Amplification Mimic | HYPER‑AGGRESSIVE | Spoofed DNS reflector simulation. |
| 53 | Random Destination Subnet Flood (CAM/ARP) | HYPER‑AGGRESSIVE | Floods random IPs – fills switch CAM table. |
| 54 | TCP Option Flood (TOS + Window Kernel Bug) | HYPER‑AGGRESSIVE | Rare TCP options may trigger kernel panic. |
| 55 | ICMP Ping of Death (Max Size) | HYPER‑AGGRESSIVE | 65535‑byte ICMP – crashes legacy systems. |
| 56 | Fragmented UDP Flood (IPS Bypass) | HYPER‑AGGRESSIVE | Fragmented UDP bypasses IPS. |
| 57 | Spoofed ACK Flood (Memory Exhaustion) | HYPER‑AGGRESSIVE | Consumes firewall session memory – reboots device. |
| 58 | “Nuclear” SYN Flood (All Options Combined) | HYPER‑AGGRESSIVE | Max strain – most aggressive single‑vector attack. |
| 59 | Network‑Wide ARP/CAM Saturation | HYPER‑AGGRESSIVE | Broadcast storm – all devices lose connectivity. |
| 60 | Ultimate Router Multi‑Vector Kill Chain | HYPER‑AGGRESSIVE | All vectors combined – router may be permanently damaged. |
- Termux (Android) or any Linux environment with
sudoandpkg/apt. python3,sudo,hping3(auto‑installed).
git clone https://github.com/sylhetyhackvenger/ANST-ActiveNetworkSmashingTool or git clone [ paste the link ]
cd ANST-ActiveNetworkSmashingTool
chmod +x anst.py
sudo python3 anst.py
The script will:
· Install dependencies (only once).
· Display the interactive menu.
· Let you choose any attack, view its details, supply target IPs, and see live output.
---
⚡ Key Features
· 60 Attack Vectors – from simple pings to nuclear floods.
· Verbose Mode (-V) on every command.
· Interactive Menu – browse by category or view all attacks.
· Real‑Time Output – watch packets fly in colourful terminal.
· Loading Animations & Countdown – makes testing cinematic.
· Smart Dependency Check – installs missing packages only once.
---
📜 Legal Disclaimer
ANST is for educational and authorised penetration testing only.
Unauthorised use against any network or system you do not own or have explicit permission to test is illegal.
The author assumes no liability for misuse or damage caused. Use responsibly.
---
🤝 Contributing
Pull requests and feature suggestions are welcome. Keep the tool educational and ethical.
---
📬 Contact
Author: SYLHETYHACKVENGER (THE-ERROR808)
