RFuzz 0.4 -- Almost Works Usefully

Another quick release of RFuzz for the people interested in playing with
it. It’s still sitting on my site but I’ll probably be moving it to
rubyforge next week.



RFuzz is a HTTP server “fuzzing” library, or just general testing
library. It’s the result of bringing together the various Ruby scripts
I use to thrash Mongrel into a cohesive framework people can use to
write their own tests and stability and performance measurements.


  • A complete alternative HttpClient that makes ALL http requests simple
    based on the Mongrel HTTP parser.
    • The client is very correct, so it complains about your server your
      server is probably wrong.
    • It allows you to construct any HTTP request, even really weird evil
    • All requests are done with simple function calls and passed data so
      you can store the request parameters in a YAML file for “scripting”.
    • No blocks.
    • You can register “defaults” to the client and it’ll use those on
      each request, reducing repetition.
    • It tracks simple cookies so that a client acts like a client.
    • Doesn’t intercept any exceptions so you can see them.
    • Allows you to register a Notifier to watch the process of each
  • A RandomGenerator that can produce random things based on an ArcFour
  • A simple statistics calculation system to gather information about
    requests (or anything).
  • A small DSL for running fuzzing sessions with minimal effort.
  • Everything is out of your way, so you don’t have to use the DSL if you
    don’t want.
  • Lots of decent documentation.

RFuzz has lots of little goodies in it that are useful outside of the
RFuzz project, but I’ll be breaking those out in the future.


Here’s a very small sample session which thrashes a server with a bunch
of randomly generated URIs:

require ‘rfuzz/session’
include RFuzz
s = Session.new :host => “localhost”, :port => 3000
s.run 5, :save_as => [“runs.csv”,“counts.csv”] do |c,r|
uris = r.uris(50,r.num(30))
uris.each do |u|
s.count_errors(:words) do
resp = c.get(u)
s.count resp.http_status

It then produces two files: runs.csv and counts.csv. These files
contain statistics about the above s.run that you can put through
R, gnuplot, or a spreadsheet to analyze.

Feel free to play with it. The next step is hooking into Test::Unit
to make it easy to write tests like this.