GithubHelp home page GithubHelp logo

zer0yu / blazehttp Goto Github PK

View Code? Open in Web Editor NEW

This project forked from chaitin/blazehttp

0.0 1.0 0.0 65 KB

可用于安全测试的非标准HTTP协议解析库

License: GNU General Public License v3.0

Shell 1.55% Go 82.52% Makefile 0.33% Ragel 15.61%

blazehttp's Introduction

BlazeHTTP

一个支持非标准HTTP请求/响应解析的库,附送一个发送大量非标准HTTP请求测试的工具。Enjoy yourself!

(Named by GPT!)

轮子?

公交车的轮子转啊转, 转啊转~, 跑题了~

该项目是为解决下面问题:

  1. 标准库不支持解析畸形的HTTP请求
  2. 请求文件需要有标签等标注信息
  3. 没有免费的工具发送大量HTTP请求
  4. 怎么确定WAF工作了?附送一些攻击样本

如果项目对您有用, 欢迎star、fork! 如果项目有任何问题,欢迎提PR!

使用帮助

以库形式引用

go get github.com/chatin/blazehttp/http

命令行工具

go build ./cmd/blazehttp

小试牛刀

# 测试请求
./blazehttp -t http://192.168.0.1:8080 -g './testcases/*/*.http'
sending 100% |████████████████████████████████████████████████████████████████████████████| (102/102, 36 it/s)
Total http file: 102, success: 102 failed: 0
Stat http response code

Status code: 403 hit: 100
Status code: 200 hit: 2

Stat http request tag

tag: cmdi hit: 12
tag: shellshock hit: 1
tag: file_include hit: 14
tag: php_code hit: 10
tag: sqli hit: 15
tag: xxe hit: 5
tag: asp_code hit: 1
tag: java_code hit: 1
tag: java_unserialize hit: 1
tag: directory_traversal hit: 9
tag: black hit: 100
tag: ognl hit: 1
tag: ldap hit: 3
tag: php_unserialize hit: 8
tag: ssrf hit: 4
tag: white hit: 2
tag: xslti hit: 3
tag: file_upload hit: 1
tag: ssti hit: 3
tag: xss hit: 10

blazehttp's People

Contributors

kingfs avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.