Difference between revisions of "OWASP HTTP Post Tool"

From OWASP
Jump to: navigation, search
m
m
(33 intermediate revisions by 3 users not shown)
Line 1: Line 1:
==== Main ====
+
=Main=
  
The OWASP Testing Guide v3 [http://www.owasp.org/index.php/Testing_for_Denial_of_Service 4.9 Denial of Service Testing] outlines numerous areas of Denial of Service. In version 4.0 additional updates will be made.  This QA tool was created to allow you to test your web applications to ensure its stability from HTTP GET and HTTP POST attacks - it will also make your laptop a sniper rifle and will be released [http://www.gnu.org/licenses/gpl.html GPLv3]
+
<div style="width:100%;height:160px;border:0,margin:0;overflow: hidden;">[[File:OWASP_Project_Header.jpg|link=]]</div>
  
* Slides - [http://www.owasp.org/images/4/43/Layer_7_DDOS.pdf Click Here]
+
{| style="padding: 0;margin:0;margin-top:10px;text-align:left;" |-
 +
| valign="top"  style="border-right: 1px dotted gray;padding-right:25px;" |
  
* Comments:
+
==Switchblade==
1. Tested by Spiderlabs: [http://blog.spiderlabs.com/2010/11/advanced-topic-of-the-week-mitigating-slow-http-dos-attacks.html ModSecurity Blog]
+
  
* [http://code.google.com/p/owasp-dos-http-post/downloads/list Get Tool Now]
+
Switchblade is a tool used to conduct load testing on a web application running IIS or Apache sponsored by [http://www.proactiverisk.com proactiveRISK]
Sponsored by: [http://www.proactiverisk.com http://www.owasp.org/images/7/71/Proactiverisk.jpg]
+
  
[http://www.proactiverisk.com/links http://www.owasp.org/images/2/28/Http-post.png]
+
==Introduction==
  
 +
The OWASP Testing Guide v3 [http://www.owasp.org/index.php/Testing_for_Denial_of_Service (Section 4.9) Denial of Service Testing] outlines numerous areas of Denial of Service.  This QA tool was created to allow you to test your web applications to test availability concerns from Layer7 DoS HTTP GET and HTTP POST denial of service attacks and SSL half connects <br>
  
  
  
 +
==Description==
  
==== Project About ====
+
Write a description that is just a few paragraphs long
{{:Projects/OWASP HTTP Post Tool | Project About}}
+
  
  
__NOTOC__ <headertabs />
+
==Licensing==
 +
Switchblade is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
  
  
[[Category:OWASP_Project|HTTP Post Tool]] [[Category:OWASP_Tool]] [[Category:OWASP_Alpha_Quality_Tool]]
+
| valign="top"  style="padding-left:25px;width:200px;border-right: 1px dotted gray;padding-right:25px;" |
 +
 
 +
== What Switchblade ==
 +
 
 +
Switchblade provides QA testing for Layer7 Denial of Service
 +
 
 +
* SSL Half Connect
 +
* HTTP Slow Post
 +
* HTTP Slowloris
 +
 
 +
== Presentation ==
 +
 
 +
* Slides - [http://www.owasp.org/images/4/43/Layer_7_DDOS.pdf OWASP V3.0 Slides Click Here]
 +
 
 +
== Project Leader ==
 +
 
 +
[mailto:tomb@proactiverisk.com Tom Brennan]
 +
 
 +
 
 +
== Related Projects ==
 +
 
 +
== Ohloh ==
 +
 
 +
*https://www.ohloh.net/p/owasp-dos-http-post
 +
 
 +
 
 +
| valign="top"  style="padding-left:25px;width:200px;" |
 +
 
 +
== Quick Download ==
 +
 
 +
* [http://www.proactiverisk.com/home/proactivetools Version 4.0]
 +
<br>
 +
* [http://code.google.com/p/owasp-dos-http-post/downloads/list Google Code]
 +
* [https://github.com/proactiveRISK/ddos-toolbox GITHUB]
 +
 
 +
== Email List ==
 +
 
 +
N/A
 +
 
 +
21-Aug-2014 Version 4.0 Released
 +
 
 +
==Classifications==
 +
 
 +
  {| width="200" cellpadding="2"
 +
  |-
 +
  | align="center" valign="top" width="50%" rowspan="2"| [[File:New projects.png|100px|link=https://www.owasp.org/index.php/OWASP_Project_Stages#tab=Incubator_Projects]]
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-builders-small.png|link=]] 
 +
  |-
 +
  | align="center" valign="top" width="50%"| [[File:Owasp-defenders-small.png|link=]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Cc-button-y-sa-small.png|link=http://creativecommons.org/licenses/by-sa/3.0/]]
 +
  |-
 +
  | colspan="2" align="center"  | [[File:Project_Type_Files_CODE.jpg|link=]]
 +
  |}
 +
 
 +
|}
 +
 
 +
=FAQs=
 +
 
 +
; Q1
 +
: A1
 +
 
 +
; Q2
 +
: A2
 +
 
 +
= Acknowledgements =
 +
==Volunteers==
 +
Switchblade is developed by the proactiveRISK team. The primary contributors to date have been:
 +
 
 +
* Tom Brennan
 +
* Sam Jensen
 +
 
 +
==Others==
 +
* Ryan Barnett
 +
 
 +
= Road Map and Getting Involved =
 +
As of 21-Aug-2014, the priorities are:
 +
* Build additional attack vectors for load testing aka: Denial of Service
 +
* Data telemetry
 +
 
 +
Involvement in the development and promotion of the Switchblade is actively encouraged!
 +
You do not have to be a security expert in order to contribute.
 +
Some of the ways you can help:
 +
* Demonstrate the tools ability to effect availability of any system using SSL, HTTP Post etc.
 +
 
 +
=Project About=
 +
{{:Projects/OWASP HTTP Post Tool | Project About}} 
 +
 
 +
__NOTOC__ <headertabs />
 +
 
 +
[[Category:OWASP_Project|HTTP Post Tool]] [[Category:OWASP_Tool]] [[Category:OWASP_Alpha_Quality_Tool]] [[Category:OWASP_Download]]

Revision as of 21:07, 21 August 2014

[edit]

OWASP Project Header.jpg

Switchblade

Switchblade is a tool used to conduct load testing on a web application running IIS or Apache sponsored by proactiveRISK

Introduction

The OWASP Testing Guide v3 (Section 4.9) Denial of Service Testing outlines numerous areas of Denial of Service. This QA tool was created to allow you to test your web applications to test availability concerns from Layer7 DoS HTTP GET and HTTP POST denial of service attacks and SSL half connects


Description

Write a description that is just a few paragraphs long


Licensing

Switchblade is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.


What Switchblade

Switchblade provides QA testing for Layer7 Denial of Service

  • SSL Half Connect
  • HTTP Slow Post
  • HTTP Slowloris

Presentation

Project Leader

Tom Brennan


Related Projects

Ohloh


Quick Download


Email List

N/A

21-Aug-2014 Version 4.0 Released

Classifications

New projects.png Owasp-builders-small.png
Owasp-defenders-small.png
Cc-button-y-sa-small.png
Project Type Files CODE.jpg

Q1
A1
Q2
A2

Volunteers

Switchblade is developed by the proactiveRISK team. The primary contributors to date have been:

  • Tom Brennan
  • Sam Jensen

Others

  • Ryan Barnett

As of 21-Aug-2014, the priorities are:

  • Build additional attack vectors for load testing aka: Denial of Service
  • Data telemetry

Involvement in the development and promotion of the Switchblade is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • Demonstrate the tools ability to effect availability of any system using SSL, HTTP Post etc.

PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What releases are available for this project?
what is this project?
Name: OWASP HTTP Post Tool (home page)
Purpose: A tool for the purpose of performing web application security assessment around the availability concerns.
License: GPLv3
who is working on this project?
Project Leader(s):
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation: View
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
HttpDosTool3 - 26 November 2006 - (download)
Release description: A tool for load testing HTTP Denial of Service from POST.
Rating: Yellow button.JPG Not Reviewed - Assessment Details
last reviewed release
Not Yet Reviewed


other releases