slowhttptest free online tool

SlowHTTPTest is a flexible and configurable open source testing tool. In contrast to other tools on this list, SlowHTTPTest simulates a Denial of Service (DoS) attack on your web server.

Results

Hit "Execute" button to see the result in this pane

Description of slowhttptest

slowhttptest, a tool to test for slow HTTP DoS vulnerabilities - version 1.8.2
Usage: slowhttptest [options ...]
Test modes:
-H               slow headers a.k.a. Slowloris (default)
-B               slow body a.k.a R-U-Dead-Yet
-R               range attack a.k.a Apache killer
-X               slow read a.k.a Slow Read

Reporting options:

-g               generate statistics with socket state changes (off)
-o file_prefix   save statistics output in file.html and file.csv (-g required)
-v level         verbosity level 0-4: Fatal, Info, Error, Warning, Debug

General options:

-c connections   target number of connections (50)
-i seconds       interval between followup data in seconds (10)
-l seconds       target test length in seconds (240)
-r rate          connections per seconds (50)
-s bytes         value of Content-Length header if needed (4096)
-t verb          verb to use in request, default to GET for
slow headers and response and to POST for slow body
-u URL           absolute URL of target (http://localhost/)
-x bytes         max length of each randomized name/value pair of
followup data per tick, e.g. -x 2 generates
X-xx: xx for header or &xx=xx for body, where x
is random character (32)
-f content-type  value of Content-type header (application/x-www-form-urlencoded)
-m accept        value of Accept header (text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5)

Probe/Proxy options:

-d host:port     all traffic directed through HTTP proxy at host:port (off)
-e host:port     probe traffic directed through HTTP proxy at host:port (off)
-p seconds       timeout to wait for HTTP response on probe connection,
after which server is considered inaccessible (5)
-j cookies       value of Cookie header (ex.: -j "user_id=1001; timeout=9000")

Range attack specific options:

-a start        left boundary of range in range header (5)
-b bytes        limit for range header right boundary values (2000)

Slow read specific options:

-k num          number of times to repeat same request in the connection. Use to
multiply response size if server supports persistent connections (1)
-n seconds      interval between read operations from recv buffer in seconds (1)
-w bytes        start of the range advertised window size would be picked from (1)
-y bytes        end of the range advertised window size would be picked from (512)
-z bytes        bytes to slow read from receive buffer with single read() call (5)

Results history