rfuzz
... and with strange æons, even death may die.
home
quick info about rfuzz
sample
get the idea
design
how rfuzz's designed
theory
the theory behind rfuzz
practice
using rfuzz for real
statistics
learn statistics
docs
API and other info
project
rubyforge project page
credit
people who helped
RFuzz’s Design
RFuzz is designed similar Mongrel in that it is:
- As simple and thin as possible while still being useful.
- Based on a C based HTTP parser for processing the response correctly.
- Simple usage for the majority of cases, but extensible for advanced users.
- Very consistent design to reduce the learning curve.
RFuzz adds a few more constraints that Mongrel can’t have:
- Absolutely no exception handling so that test failures are exposed.
- No threads or blocks unless they make a DSL more useful.
- All requests are based on data elements (hashes, strings, arrays) so they can be stored.
Design Goals
A primary reason for working on RFuzz is to motivate myself to write an HTTP client based on the Mongrel C parser. I wasn’t too happy with the net/http client for many situations, and when using it for testing it was hiding too much information. I needed something bare metal so that I could feel every hit like an aluminum bat fighting a chainsaw.
In order to build a complete fuzzing system for HTTP it’s also necessary to build a generic set of additional tools: client library, random generator, session maintenance, and test harnesses. By aiming for a fuzzing tool I’m able to also write many other libraries that are useful outside of the RFuzz project.
Finally, a secondary design goal is to base the usage and instructions for RFuzz on scientific statistical analysis. I’m not a grand expert in this, but hopefully I can use RFuzz as the carrot that gets people interested in analyzing software information with statistics.
RFuzz Tour (as of 0.6)
- RFuzz—Main RFuzz module.
- RFuzz::HttpClient—The base HTTP client class for accessing the server.
- RFuzz::HttpEncoding —Mixin module that handles various HTTP encodings.
- RFuzz::HttpResponse —A Hash with extra variables particular to an HTTP response.
- RFuzz::Notifier —You can register one of these with HttpClient to get status during the request process.
- RFuzz::RandomGenerator —Generates random stuff very fast and consistently on all machines.
- RFuzz::Sampler —Used to conduct statistical sampling.
- RFuzz::Session —Implements a simple DSL for running tests, generating randomness, and gathering Sampler stats, then recording them to .csv files to later analysis.
You can get a lot more documentation from the RDoc generated documentation and you can check out the samples to find out how this stuff is used.