Dear tech community, I found an interesting link on Reddit: | CatOps

Dear tech community,

I found an interesting link on Reddit:

https://www.reddit.com/r/ukraine/comments/t0m50l/how_to_use_hoic_high_orbit_ion_cannon_to/

I will copy the text here for convenience.

How to use HOIC ("High Orbit Ion Cannon") to stress-test websites that are owned by you, and you alone, and that are absolutely not owned by russian entities.

So, for no particular reason I feel like explaining how to use the piece of software called HOIC to stress-test websites that you own.


# Introduction

HOIC, or "High Orbit Ion Cannon" is a piece of software that can be used to stress-test websites and other online services. What it does is it simply sends a bunch of requests to a URL that you specify. It is the successor to "LOIC", or "Low Orbit Ion Cannon", which was used by the hacktivist collective Anonymous during Operation Payback to bring down websites of entities that fought against internet freedoms.

It is available on [SourceForge](https://sourceforge.net/projects/highorbitioncannon/) and has been classified as malware because it can be used in a malicious manner. LOIC is also [available on the same website.](https://sourceforge.net/projects/loic/)

To properly stress-test a website that you own, you would likely either need to own several computers on different networks, or have a bunch of friends that could help you by targeting the same website/IP-address.

# Be wary

If you decide that stress-testing websites is something that you would like to do, I would suggest that you personally make sure that you do in fact trust the software. In these times, we need to be wary, and there is no way for you to know that I am not a malicious actor promoting actually malicious software.


When attempting to unzip the tool, Windows Defender will give you two malware warnings, "DDoS:VBS/Hoic.A" and "HackTool:Win32/Hoylecann.A"

You can read what Microsoft has to say about this tool on the following links:

[https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/Hoylecann.A](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=HackTool:Win32/Hoylecann.A)

[https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=DDoS:VBS/Hoic.A](https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=DDoS:VBS/Hoic.A)

# How to use HOIC

Honestly, it's really fucking simple. The most difficult part is allowing the software through your antivirus software.


1. Download the zipped up archive from sourceforge. The link can be found above. Seeing as SourceForge detects malware in the software, you have to go through an extra click.
2. Unzip the archive.
3. If you're on windows, Windows Defender will likely stop you. If you are sure you know what you're doing and you want to proceed anyways, you'll have to click the notification, click the threat "DDoS:VBS/Hoic.A" and select "Allow on Device" followed by "Start actions".
4. Click "Yes" to confirm the action using admin privileges.
5. In the prompt for moving/copying files, press "try again". If you've already closed that prompt, you can simply unzip the file again. This time it should let you.
6. Once you've successfully unzipped the archive, open the folder "Hoic" and run "hoic2.1.exe"
7. Press the "+" button under "TARGETS"
8. Enter the URL that you wish to stress-test, e.g. "[https://somewebsite.org](https://somewebsite.org)" or "[https://www.rt.com](https://www.rt.com)"
9. Make sure you actually own the website that you target. Targeting someone else's website might very well be illegal, and could cause problems for the website and its' users.
10. Set "Power" to whatever you prefer. The higher you put it, the more pressure will be put on the target. Setting it higher might trigger counter-measures more easily, so you might want to keep it at Low or Medium in order to properly test whether your website still manages to detect the attack etc.
11. I'm not sure how to use Booster, so either figure it out yourself or leave it blank
12. Click "Add".
13.