What is commonly used in a distributed denial-of-service (DDoS) attack?

Botnets are commonly used in distributed denial-of-service (DDoS) attacks because they consist of a network of compromised computers that can be controlled remotely by an attacker. The attacker takes advantage of these compromised systems, often referred to as "zombies," to flood a target server or network with an overwhelming amount of traffic. This flood of requests can exhaust the resources of the target system, rendering it unable to process legitimate requests and effectively causing it to become unavailable to users.

Firewalls, VPNs, and intrusion detection systems serve protective or supportive functions in network security. While firewalls and intrusion detection systems can help mitigate or identify DDoS attacks, they are not used to launch these attacks. VPNs are designed for secure communication and privacy, and they don't play a role in the mechanics of a DDoS attack either. Thus, botnets stand out as the most applicable technology employed in executing these types of attacks.