Repository: utkusen/reqstress
Branch: main
Commit: a1af405c2c05
Files: 7
Total size: 10.5 KB

Directory structure:
gitextract__4aps3bs/

├── .gitignore
├── .goreleaser.yml
├── LICENSE
├── README.md
├── go.mod
├── go.sum
└── main.go

================================================
FILE CONTENTS
================================================

================================================
FILE: .gitignore
================================================
dist/


================================================
FILE: .goreleaser.yml
================================================
# This is an example .goreleaser.yml file with some sane defaults.
# Make sure to check the documentation at http://goreleaser.com
before:
  hooks:
    # You may remove this if you don't use go modules.
    - go mod tidy
    # you may remove this if you don't need go generate
    - go generate ./...
builds:
  - env:
      - CGO_ENABLED=0
    goos:
      - linux
      - windows
      - darwin
archives:
  - replacements:
      darwin: macOS
      linux: Linux
      windows: Windows
      386: i386
      amd64: amd64
    format: tar.gz
    format_overrides:
        - goos: windows
          format: zip
checksum:
  name_template: 'checksums.txt'
snapshot:
  name_template: "{{ .Tag }}-next"
changelog:
  sort: asc
  filters:
    exclude:
      - '^docs:'
      - '^test:'


================================================
FILE: LICENSE
================================================
MIT License

Copyright (c) 2021 Utku Sen

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


================================================
FILE: README.md
================================================
# reqstress

reqstress is a benchmarking&stressing tool that can send raw HTTP requests. It's written in Go and uses [fasthttp](https://github.com/valyala/fasthttp) library instead of Go's default http library, because of its lightning-fast performance.

## Why Do We Need Another Benchmarking Tool?

There are really great benchmarking tools out there such as [wrk](https://github.com/wg/wrk), [bombardier](https://github.com/codesenberg/bombardier), [hey](https://github.com/rakyll/hey), [ab](https://httpd.apache.org/docs/2.4/tr/programs/ab.html). Some of them don't support sending custom requests, they are only sending a GET request to a given URL. Some of them support custom requests but it's really hard to craft one by using command line parameters. I wanted to create a tool that can read a raw HTTP request from a text file and replays it. 

So, you can copy your favorite request from Burp Suite, Fiddler etc. and pass it to the reqstresser directly. It would be useful for stressing authenticated endpoints and specific requests that create a huge load.

## reqstress vs. Other Tools

reqstresser is not the fastest benchmarking tool, but it's not bad either. I tested couple of popular tools on a $20 Linode server with same amount of threads. Here is the result:


| Tool         | Num. of Sent Requests | Duration |
|--------------|-----------------------|----------|
| wrk          | ~45000                 | 10s      |
| bombardier   | ~41000                 | 10s      |
| ab           | ~40000                 | 10s      |
| reqstress    | ~39304                 | 10s      |
| hey          | ~35127                 | 10s      |
| goldeneye.py | ~10913                 | 10s      |


# Installation

## From Binary

You can download the pre-built binaries from the [releases](https://github.com/utkusen/reqstress/releases) page and run. For example:

`wget https://github.com/utkusen/reqstress/releases/download/v0.1.4/reqstress_0.1.4_Linux_amd64.tar.gz`

`tar xzvf reqstress_0.1.4_Linux_amd64.tar.gz`

`./reqstress --help`

## From Source

1. Install Go on your system
2. Run: `go install github.com/utkusen/reqstress@latest`

# Usage

reqstress requires 6 parameters to run: 

`-r` : Path of the request file. For example: `-r request.txt`. Request file should contain a raw HTTP request. For example:

```http
POST /wp-login.php HTTP/1.1
Host: 1.1.1.1
Content-Length: 107
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Origin: http://1.1.1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://1.1.1.1/wp-login.php?redirect_to=http%3A%2F%2F1.1.1.1%2Fwp-admin%2F&reauth=1
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: wordpress_test_cookie=WP%20Cookie%20check
Connection: close

log=admin&pwd=asdadsasdads

```

`-w` : The number of workers to run (e.g `-w 750`). The default value is 500. You can increase or decrease this by testing out the capability of your system.

`-d` : Duration of the test (in seconds) (e.g `-d 60`). Default is infinite.

`-https` : Target protocol. Can be `true` or `false` (e.g `-https=false`). Default is `true`

`-t` : Request timeout. (e.g `-t 1`). Default is 5(seconds) 


================================================
FILE: go.mod
================================================
module reqstress

go 1.13

require github.com/valyala/fasthttp v1.26.0


================================================
FILE: go.sum
================================================
github.com/andybalholm/brotli v1.0.2 h1:JKnhI/XQ75uFBTiuzXpzFrUriDPiZjlOSzh6wXogP0E=
github.com/andybalholm/brotli v1.0.2/go.mod h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
github.com/klauspost/compress v1.12.2 h1:2KCfW3I9M7nSc5wOqXAlW2v2U6v+w6cbjvbfp+OykW8=
github.com/klauspost/compress v1.12.2/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg=
github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
github.com/valyala/fasthttp v1.26.0 h1:k5Tooi31zPG/g8yS6o2RffRO2C9B9Kah9SY8j/S7058=
github.com/valyala/fasthttp v1.26.0/go.mod h1:cmWIqlu99AO/RKcp1HWaViTqc57FswJOfYYdPJBl8BA=
github.com/valyala/tcplisten v1.0.0/go.mod h1:T0xQ8SeCZGxckz9qRXTfG43PvQ/mcWh7FwZEA7Ioqkc=
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210514084401-e8d321eab015/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=


================================================
FILE: main.go
================================================
package main

import (
	"bufio"
	"bytes"
	"crypto/tls"
	"flag"
	"fmt"
	"io"
	"io/ioutil"
	"net/http"
	"os"
	"strings"
	"sync"
	"sync/atomic"
	"time"

	"github.com/valyala/fasthttp"
)

var averageTime time.Duration
var numOfSuccess int32
var numOfFail int32
var numOfnon200 int32
var mtx sync.Mutex
var urlStr string

func sendRequest(client *fasthttp.Client, req *fasthttp.Request, wg *sync.WaitGroup, timeout int) {
	defer wg.Done()
	for {
		resp := fasthttp.AcquireResponse()
		timeStart := time.Now()
		err := client.DoTimeout(req, resp, time.Duration(timeout)*time.Second)
		if err != nil {
			atomic.AddInt32(&numOfFail, 1)
			continue
		}

		go setAvarageTime(averageTime + time.Since(timeStart))
		if resp.StatusCode() == fasthttp.StatusOK {
			atomic.AddInt32(&numOfSuccess, 1)
		} else {
			atomic.AddInt32(&numOfnon200, 1)
		}
	}
}

func setAvarageTime(newTime time.Duration) {
	mtx.Lock()
	averageTime = newTime
	mtx.Unlock()
}

func main() {

	requestFile := flag.String("r", "", "Path of request file")
	numWorker := flag.Int("w", 500, "Number of worker. Default: 500")
	duration := flag.Int("d", 0, "Test duration. Default: infinite")
	timeout := flag.Int("t", 5, "HTTP request timeout (sec.)")
	https := flag.Bool("https", true, "Enable https protocol")
	flag.Parse()
	if *requestFile == "" {
		fmt.Println("Please specify all arguments!")
		flag.PrintDefaults()
		os.Exit(1) // Exit condition requires non-zero exit code
	}
	content, err := ioutil.ReadFile(*requestFile)
	if err != nil {
		panic(err)
	}

	httpRequest, err := http.ReadRequest(bufio.NewReader(bytes.NewReader(content)))
	if err != nil && err != io.ErrUnexpectedEOF {
		panic(err)
	}

	var wg sync.WaitGroup
	urlStr = "http://" + httpRequest.Host + httpRequest.RequestURI
	if *https {
		urlStr = "https://" + httpRequest.Host + httpRequest.RequestURI
	}

	bodyBytes, err := ioutil.ReadAll(httpRequest.Body)
	if err != nil {
		panic(err)
	}
	req := fasthttp.AcquireRequest()

	req.SetRequestURI(urlStr)
	req.Header.SetMethod(httpRequest.Method)
	if httpRequest.Method == "POST" {
		req.SetBody(bodyBytes)
	}
	for key, element := range httpRequest.Header {
		req.Header.Set(key, strings.Join(element, ","))
	}
	req.Header.Set("Connection", "keep-alive")
	req.Header.Set("Cache-Control", "no-cache")
	req.Header.Set("Content-Length", string(rune(httpRequest.ContentLength)))

	client := &fasthttp.Client{
		TLSConfig: &tls.Config{InsecureSkipVerify: true},
	}

	fmt.Println("Starting the action...")
	fmt.Println("The request will be sent:")
	fmt.Println("_________________________________")
	fmt.Println(string(content))
	fmt.Println("_________________________________")
	for i := 0; i < *numWorker; i++ {
		wg.Add(1)
		go sendRequest(client, req, &wg, *timeout)
	}

	if *duration != 0 {
		time.Sleep(time.Duration(*duration) * time.Second)
		fmt.Println("")
		fmt.Println("---------Results--------------------")
		fmt.Println("")
		fmt.Println("Total Requests Sent:", numOfSuccess+numOfnon200+numOfFail)
		fmt.Println("Number of 200OK Responses:", numOfSuccess)
		fmt.Println("Number of non-200OK Responses:", numOfnon200)
		fmt.Println("Number of Failed Responses:", numOfFail)
		fmt.Println("Avg. Response Time:", averageTime/time.Duration(numOfSuccess+numOfnon200+numOfFail))
		os.Exit(0) // Exit without error
	}
	fmt.Println("Infinite mode is active. No output will be shown..")
	wg.Wait()
}