TestClient

The TestClient is an application that injects a set of requests, read from audit-log data as produced by mod_security or the AuditLogger, into a web server. The target may also be a reverse proxy in front of a backend server. This can be used to evaluate rulesets with regard to performance or detection-rate issues. A description of such an evaluation of the mod_security core rules and the gotroot ruleset can be found in my article on the Evaluation of Rulesets.

The application itself is currently in a beta-testing state. If you are interested in trying it or using it for your own evaluations, just let me know and I will make it available to you.
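To show the kind of input described above, here is an added example (not the TestClient's own code): a small Python parser for ModSecurity's serial audit-log format that rebuilds each logged request from section B (request headers) and section C (request body). The sample entries, host names and function names are constructed for illustration.

```python
import re

# Section boundary in a ModSecurity serial audit log: --<txn-id>-<letter>--
BOUNDARY = re.compile(r"^--([0-9A-Za-z]+)-([A-Z])--$")
# Constructed sample entries (illustrative, not from a real log).
SAMPLE_LOG = """\
--4f2a9c1e-A--
[10/Mar/2008:11:02:13 +0100] abc123 192.0.2.10 40112 192.0.2.20 80
--4f2a9c1e-B--
GET /index.php?id=1 HTTP/1.1
Host: www.example.test

--4f2a9c1e-Z--
--7b30d5aa-A--
[10/Mar/2008:11:02:14 +0100] def456 192.0.2.10 40113 192.0.2.20 80
--7b30d5aa-B--
POST /login.php HTTP/1.1
Host: www.example.test
Content-Type: application/x-www-form-urlencoded

--7b30d5aa-C--
user=alice&pass=xyz
--7b30d5aa-Z--
"""

def build_request(sections):  # one request from section B (headers) and C (body)
    head = sections.get("B") or [""]
    parts = head[0].split(" ", 2)
    if len(parts) != 3:                  # missing or malformed request line
        return None
    pairs = (line.partition(":") for line in head[1:])
    headers = {n.strip().lower(): v.strip() for n, sep, v in pairs if sep}
    ctype = headers.get("content-type", "").lower()
    return {"method": parts[0], "target": parts[1], "headers": headers,
            "body": "\n".join(sections.get("C", [])),
            "multipart": ctype.startswith("multipart/form-data")}  # flag for separate handling

def parse_audit_log(text):  # replayable requests found in a serial audit log
    requests, sections, part = [], {}, None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m and m.group(2) == "Z":      # end of entry: emit the request
            requests.append(build_request(sections))
            sections, part = {}, None
        elif m:
            part = m.group(2)
        elif part:
            sections.setdefault(part, []).append(line)
    return [r for r in requests if r]
```

Each returned dict carries what a replay client needs to rebuild the request; entries without a usable request line are dropped rather than sent.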

Known Bugs

  • Handling of multipart/form-data does not work properly

Feature Plans/Ideas

  • A small GUI for easy use by non-shell users
  • Nice reporting of test results (performance results)
  • Multi-threading to raise the number of requests sent out
  • Distributed coordination/sync to start distributed stress testing with multiple real client machines or to simulate botnet attacks