GithubHelp home page GithubHelp logo

http-bad-request-tester's Introduction

Simple HTTP Bad Request Testing Utility

Description

This utility is a Bash script designed to automate the process of testing HTTP bad requests against a given host. It's useful for quickly performing a series of tests based on predefined .txt test case files.

Features

  • Easily specify the host to test against
  • Specify custom port (default is 80)
  • Supports wildcards for specifying multiple test cases
  • Color-coded output for better readability
  • Supports disabling color output

Requirements

  • Bash 4.0 or later
  • Ncat version of nc from the Nmap project

Installation

  1. Clone this repository:

    git clone https://github.com/steffenbusch/http-bad-request-tester

  2. Navigate into the directory:

    cd http-bad-request-tester

  3. Fix one testcase:

    echo -e "GET / HTTP/1.1\r\nHost: example.com\n\n" > mixed-line-endings.txt

Usage

Basic Usage

To test against a specific host:

./run.sh --host arm.stbu.net

To test against a specific host and port:

./run.sh --host arm.stbu.net --port 8080

To specify a single test case:

./run.sh --host arm.stbu.net --testcases good-request.txt

To specify multiple test cases using wildcards:

./run.sh --host arm.stbu.net --testcases "http0.9*"

About the Test Cases

The test cases included in this utility vary in their adherence to HTTP protocol specifications. These test cases have been generated with the assistance of ChatGPT and cover a broad spectrum of request scenarios.

Note: Not all the test cases represent "bad" or "malformed" requests according to the HTTP specifications. Some may be fully compliant requests, while others deliberately deviate from the standard to test how the server handles such cases.

Please read through the test cases to understand their specifics before running them.

Help

For the usage guide:

./run.sh --help

Disabling Color Output

To disable color output, set the NO_COLOR environment variable:

NO_COLOR=true ./run.sh --host arm.stbu.net

Disclaimer

This utility is intended for educational and ethical testing purposes only. Only run it against hosts you own or have explicit permission to test. Unauthorized testing is illegal and unethical.

Use at your own risk. The author of this utility is not responsible for any illegal activities or misuse.

http-bad-request-tester's People

Contributors

steffenbusch avatar

Watchers

avatar

http-bad-request-tester's Issues

Overview report

After running all desired test cases, an overview should be printed with the HTTP Status Code for each file (= test case)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.