Disclaimer

Overload.su offers tools for legitimate performance testing. Any misuse against third-party websites is strictly prohibited and violates our Terms of Service. Terms of Service.I accept this

Layer 4 Methods

Authorized testing only. These methods can destabilize systems. Run them only on assets you own or have explicit permission to test.

TCP-SYN

A very powerful method against moderately protected targets. It works only with the TCP protocol and is effective because it forces the target to respond with traffic. Recommended only against all ports (set port to 0 in the overload panel). If the target responds with connection reset, the method is effective; if the target does not respond (connection timeout), it’s better not to use it.

It can sometimes work against a single open TCP port, but other methods such as SOCKET and HANDSHAKE are usually more effective.

Host vulnerable to TCP-SYN

This configuration will cause the system to crash:

Overload.su config example

SOCKET / HANDSHAKE

These methods work only on open TCP ports. They don’t generate large amounts of traffic but can effectively bypass many defenses by fully emulating a real user, potentially crashing services.

SOCKET opens the maximum possible number of connections, which often leads to failures on many systems. However, it may be filtered since the behavior resembles a TCP-SYN flood. It’s recommended to set a packet rate limit in the Advanced options.

HANDSHAKE opens only a few connections (specified in Advanced options) and sends data there. You can also modify the data being sent by using the PAYLOAD field for HEX strings. Example: endlessly sending HTTP requests.

SOCKET / HANDSHAKE example

GRE / UDP / STOMP / ACK

These methods are quite similar in both operation and effectiveness. Most modern protections have patched them, but exceptions still exist:

Tip

The overload.su panel supports:

Contents