Instagram Linkedin Twitter Youtube
Search
  • Cyber security
  • Pentesting Tools
  • Vulnerability Analysis
  • Information Gathering
  • Web Application Security
  • Forensics
  • Malware
  • OSINT
Instagram Linkedin Twitter Youtube
Kali Linux Tutorials Kali Linux Tutorials
Kali Linux Tutorials Kali Linux Tutorials
Home Kali Linux PoW-Shield : Project Dedicated To Fight DDoS And Spam With Proof Of...
  • Kali Linux

PoW-Shield : Project Dedicated To Fight DDoS And Spam With Proof Of Work, Featuring An Additional WA

By
R K
-
October 4, 2021
PoW-Shield : Project Dedicated To Fight DDoS And Spam With Proof Of Work, Featuring An Additional WA

PoW-Shield provides DDoS protection on OSI application layer by acting as a proxy that utilizes proof of work between the backend service and the end user. This project aims to provide an alternative to general captcha methods such as Google’s ReCaptcha that has always been a pain to solve. Accessing a web service protected by PoW Shield has never been easier, simply go to the url, and your browser will do the rest of the verification automatically for you.

PoW Shield aims to provide the following services bundled in a single webapp / docker image:

  • proof of work authentication
  • ratelimiting and ip blacklisting
  • web application firewall

Story on Medium

How It Works

So basically, PoW Shield works as a proxy in front of the actual web app/service. It conducts verification via proof-of-work and only proxies authorized traffic through to the actual server. The proxy is easily installable, and is capable of protecting low security applications with a WAF.

Here’s what happens behind the scenes when a user browses a PoW Shield-protected webservice:

  • The server generates a random hex-encoded “prefix” and sends it along with the PoW Shield page to the client.
  • Browser JavaScript on the client side then attempts to brute-force a “nonce” that when appended with the prefix, can produce a SHA256 hash with the number of leading zero-bits more than the “difficulty” D specified by the server. i.e. SHA256(prefix + nonce)=0…0xxxx (binary, with more than D leading 0s)
  • Client-side JavaScript then sends the calculated nonce to the server for verification, if verification passes, the server generates a cookie for the client to pass authentication.
  • The server starts proxying the now authenticated client traffic to the server with WAF filtering enabled.

Usage

nodejs and docker

Configuration

environment variables

Features

  • Web Service Structure
  • Proxy Functionality
  • PoW Implementation
  • Dockerization
  • IP Blacklisting
  • Ratelimiting
  • Unit Testing
  • WAF Implementation
  • Multi-Instance Syncing (Redis)
Download

Related

  • TAGS
  • Additional WA
  • Fight DDoS
  • PoW-Shield
  • Proof Of Work
  • Spam
Facebook
Twitter
Pinterest
WhatsApp
    Previous articleLinux VPN Software – 3 Decent Options
    Next articleQueenoSno : Golang Binary For Data Exfiltration With ICMP Protocol
    R K
    R K

    RELATED ARTICLESMORE FROM AUTHOR

    Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell
    Kali Linux

    Pystinger : Bypass Firewall For Traffic Forwarding Using Webshell

    CVE-Search
    Kali Linux

    CVE-Search : A Tool To Perform Local Searches For Known Vulnerabilities

    ROADTools : The Azure AD Exploration Framework
    Kali Linux

    ROADTools: The Modern Azure AD Exploration Framework

    cp command

    cp Command: Copy Files and Directories in Linux

    0xSnow - September 20, 2025 0
    The cp command, short for "copy," is the main Linux utility for duplicating files and directories. Whether making a backup, organizing a project, or moving content, cp allows...
    image osint

    Image OSINT

    0xSnow - September 20, 2025 0
    Introduction In digital investigations, images often hold more information than meets the eye. With the right tools and techniques, analysts can uncover hidden metadata, find...
    cat Command

    cat Command: Read and Combine File Contents in Linux

    0xSnow - September 20, 2025 0
    The cat command short for concatenate, It is a fast and versatile tool for viewing and merging file contents directly from the Linux terminal. Whether you're...
    ports in networking

    Port In Networking

    Tamilselvan S - September 20, 2025 0
    What is a Port? A port in networking acts like a gateway that directs data to the right program on a device. An IP address...
    ls command

    ls Command: List Directory Contents in Linux

    0xSnow - September 20, 2025 0
    The ls command is fundamental for anyone working with Linux. It’s used to display the files and directories in your current location, helping you stay organized...
    KALI LINUX TUTORIALS
    Contact us: admin@kalilinuxtutorials.com
    Instagram Linkedin Twitter Youtube

    EVEN MORE NEWS

    cp command

    cp Command: Copy Files and Directories in Linux

    September 20, 2025
    image osint

    Image OSINT

    September 20, 2025
    cat Command

    cat Command: Read and Combine File Contents in Linux

    September 20, 2025

    POPULAR CATEGORY

    • Kali Linux2931
    • Cyber security912
    • Hacking Tools300
    • Pentesting Tools197
    • Exploitation Tools144
    • TECH134
    • Vulnerability Analysis116
    • Cyber security
    • Pentesting Tools
    • Vulnerability Analysis
    • Information Gathering
    • Web Application Security
    • Forensics
    • Malware
    • OSINT
    © Kalilinuxtutorials.com 2025
    MORE STORIES

    Nray : Distributed Port Scanner

    February 19, 2020

    Xerxes : Dos Tool Enhanced with Many Features

    March 24, 2019

    LOLBins : PyQT5 App For LOLBAS And GTFOBins

    January 20, 2022