Z
Zed Shaw
Another quick release of RFuzz for the people interested in playing with
it. It's still sitting on my site but I'll probably be moving it to
rubyforge next week.
http://www.zedshaw.com/projects/rfuzz/
http://www.zedshaw.com/projects/rfuzz/rfuzz-0.4.gem
http://www.zedshaw.com/projects/rfuzz/rfuzz-0.4.tgz
WHAT IS IT?
RFuzz is a HTTP server "fuzzing" library, or just general testing
library. It's the result of bringing together the various Ruby scripts
I use to thrash Mongrel into a cohesive framework people can use to
write their own tests and stability and performance measurements.
FEATURES
* A complete alternative HttpClient that makes ALL http requests simple
based on the Mongrel HTTP parser.
* The client is very correct, so it complains about your server your
server is probably wrong.
* It allows you to construct any HTTP request, even really weird evil
ones.
* All requests are done with simple function calls and passed data so
you can store the request parameters in a YAML file for "scripting".
* No blocks.
* You can register "defaults" to the client and it'll use those on
each request, reducing repetition.
* It tracks simple cookies so that a client acts like a client.
* Doesn't intercept any exceptions so you can see them.
* Allows you to register a Notifier to watch the process of each
request.
* A RandomGenerator that can produce random things based on an ArcFour
engine.
* A simple statistics calculation system to gather information about
requests (or anything).
* A small DSL for running fuzzing sessions with minimal effort.
* Everything is out of your way, so you don't have to use the DSL if you
don't want.
* Lots of decent documentation.
RFuzz has lots of little goodies in it that are useful outside of the
RFuzz project, but I'll be breaking those out in the future.
SAMPLE
Here's a very small sample session which thrashes a server with a bunch
of randomly generated URIs:
require 'rfuzz/session'
include RFuzz
s = Session.new :host => "localhost", ort => 3000
s.run 5, :save_as => ["runs.csv","counts.csv"] do |c,r|
uris = r.uris(50,r.num(30))
uris.each do |u|
s.count_errorswords) do
resp = c.get(u)
s.count resp.http_status
end
end
end
It then produces two files: runs.csv and counts.csv. These files
contain statistics about the above s.run that you can put through
R, gnuplot, or a spreadsheet to analyze.
Feel free to play with it. The next step is hooking into Test::Unit
to make it easy to write tests like this.
it. It's still sitting on my site but I'll probably be moving it to
rubyforge next week.
http://www.zedshaw.com/projects/rfuzz/
http://www.zedshaw.com/projects/rfuzz/rfuzz-0.4.gem
http://www.zedshaw.com/projects/rfuzz/rfuzz-0.4.tgz
WHAT IS IT?
RFuzz is a HTTP server "fuzzing" library, or just general testing
library. It's the result of bringing together the various Ruby scripts
I use to thrash Mongrel into a cohesive framework people can use to
write their own tests and stability and performance measurements.
FEATURES
* A complete alternative HttpClient that makes ALL http requests simple
based on the Mongrel HTTP parser.
* The client is very correct, so it complains about your server your
server is probably wrong.
* It allows you to construct any HTTP request, even really weird evil
ones.
* All requests are done with simple function calls and passed data so
you can store the request parameters in a YAML file for "scripting".
* No blocks.
* You can register "defaults" to the client and it'll use those on
each request, reducing repetition.
* It tracks simple cookies so that a client acts like a client.
* Doesn't intercept any exceptions so you can see them.
* Allows you to register a Notifier to watch the process of each
request.
* A RandomGenerator that can produce random things based on an ArcFour
engine.
* A simple statistics calculation system to gather information about
requests (or anything).
* A small DSL for running fuzzing sessions with minimal effort.
* Everything is out of your way, so you don't have to use the DSL if you
don't want.
* Lots of decent documentation.
RFuzz has lots of little goodies in it that are useful outside of the
RFuzz project, but I'll be breaking those out in the future.
SAMPLE
Here's a very small sample session which thrashes a server with a bunch
of randomly generated URIs:
require 'rfuzz/session'
include RFuzz
s = Session.new :host => "localhost", ort => 3000
s.run 5, :save_as => ["runs.csv","counts.csv"] do |c,r|
uris = r.uris(50,r.num(30))
uris.each do |u|
s.count_errorswords) do
resp = c.get(u)
s.count resp.http_status
end
end
end
It then produces two files: runs.csv and counts.csv. These files
contain statistics about the above s.run that you can put through
R, gnuplot, or a spreadsheet to analyze.
Feel free to play with it. The next step is hooking into Test::Unit
to make it easy to write tests like this.