Repulsive Grizzly – Application Layer DoS Testing Framework


What is Repulsive Grizzly?

Repulsive Grizzly is an application layer load testing framework specifically designed to support high throughput and sophisticated request types. It can help you confirm application layer Denial of Service (DoS) conditions by running your test at a higher concurrency, with other features such as session round-robin to help you bypass certain rate limiters or web application firewalls.

Why is Repulsive Grizzly Different?

The main difference between Repulsive Grizzly and other load testing tools is that we’re specifically focused on providing a framework that makes Application Denial of Service testing easier. Some features that are useful in Repulsive Grizzly include:

  • Optional support to run tests within Cloudy Kraken, a red team orchestration framework that can help you scale up your test across multiple datacenters or regions
  • Logging messages to a centralized Amazon SNS queue for aggregation during larger exercises, such as running a multi-agent test with Cloudy Kraken
  • Ability to round-robin authentication objects using placeholders in headers, cookies, and/or POST:GET:PUT:DELETE data
  • Ability to round-robin target URLs or fix one URL per attack agent
  • Sanity check logic to confirm your environment is stable enough to begin the test
  • Leverages Eventlet for high concurrency, allowing you to scale up to > 300 threads per Repulsive Grizzly agent
  • Provides a TTL as well as a start time so that multi-agent scans conducted with Cloudy Kraken start and stop at the same time
  • HTTP proxy support for troubleshooting
  • Grizzly Dashboard to aggregate and graph HTTP status codes while you run multi-agent tests

How Does Repulsive Grizzly Perform Tests?

[Figure: Grizzly flowchart]

The typical execution of Repulsive Grizzly is as follows:

  1. Validate the commands.json file for good settings
  2. Sleep until start time is triggered
  3. Validate that the sanity check URL returns an HTTP 200
  4. Build Eventlet Pool of request objects based on the commands file
  5. Begin execution of the test
  6. Log messages to console and Amazon SNS messaging queue (if configured)
  7. On each iteration, check the TTL and, once it is triggered, exit the test

Getting Started

Wiki

What is Skunkworks?

Unlike other projects we open source, Skunkworks projects are not fully supported. We are leveraging the Skunkworks project to demonstrate one way engineers can approach application layer load testing. We’d be happy to accept Pull Requests for bug fixes or features.

Installation

[php]git clone https://github.com/Netflix-Skunkworks/repulsive-grizzly.git
cd repulsive-grizzly
pip3 install -r requirements.txt
python3 grizzly.py[/php]

Configuration

You can configure Repulsive Grizzly by editing the file commands.json. You can find an example in the file commands-template.json.

[php]{
    "hostname": "www.yourcompaniessitehere.com",
    "urls": [
        "https://www.yourcompaniessitehere.com?foo=$$AUTH$$",
        "https://www.yourcompaniessitehere.co?test"
    ],
    "perform_sanity_check": true,
    "sanity_check_url": "https://www.www.yourcompaniessitehere.com/healthcheck",
    "verb": "GET",
    "post_data": "example.json",
    "ttl": 300,
    "threads": 300,
    "one_url_per_agent": true,
    "headers": "default",
    "start_time": "01:59:00",
    "use_auth": true,
    "auth_store_count": 3,
    "auth_store_name": "tokens",
    "use_with_kraken": true,
    "sns_region": "us-west-2",
    "sns_topic": "arn:aws:sns:us-west-2:2398724230498:kraken",
    "proxy": false,
    "proxy_config": "127.0.0.1:8080"
}[/php]
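A pre-flight scope check for commands.json, added here as an example and not code from Repulsive Grizzly: before any load is generated, it confirms that every target URL and the sanity check URL stay on the declared hostname and that the timing fields are sane. The field names come from the example above; the function name `scope_findings` and the policy it enforces (exact host match, positive integers, HH:MM:SS) are assumptions about what "good settings" should mean.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the scope-relevant fields from the commands.json shown above.
SAMPLE = {
    "hostname": "www.yourcompaniessitehere.com",
    "urls": [
        "https://www.yourcompaniessitehere.com?foo=$$AUTH$$",
        "https://www.yourcompaniessitehere.co?test",
    ],
    "perform_sanity_check": True,
    "sanity_check_url": "https://www.www.yourcompaniessitehere.com/healthcheck",
    "ttl": 300,
    "threads": 300,
    "start_time": "01:59:00",
}

HHMMSS = re.compile(r"([01]\d|2[0-3]):[0-5]\d:[0-5]\d")


def scope_findings(cfg):
    """Return (field, problem) pairs that should block the run (assumed policy)."""
    findings = []
    allowed = str(cfg.get("hostname", "")).lower()
    if not allowed:
        findings.append(("hostname", "missing, so scope cannot be checked"))
    targets = [(f"urls[{i}]", u) for i, u in enumerate(cfg.get("urls", []))]
    if cfg.get("perform_sanity_check"):
        targets.append(("sanity_check_url", cfg.get("sanity_check_url", "")))
    for field, url in targets:
        parts = urlsplit(str(url))
        host = (parts.hostname or "").lower()
        if parts.scheme not in ("http", "https"):
            findings.append((field, f"unsupported scheme {parts.scheme!r}"))
        elif host != allowed:
            # Exact match on purpose: a suffix test would accept look-alike hosts.
            findings.append((field, f"host {host!r} is not {allowed!r}"))
    for field in ("ttl", "threads"):
        value = cfg.get(field)
        if isinstance(value, bool) or not isinstance(value, int) or value <= 0:
            findings.append((field, "must be a positive integer"))
    if not HHMMSS.fullmatch(str(cfg.get("start_time", ""))):
        findings.append(("start_time", "expected HH:MM:SS"))
    return findings


if __name__ == "__main__":
    for field, problem in scope_findings(SAMPLE):
        print(f"BLOCK {field}: {problem}")
```

On the sample values it blocks on the second URL (a `.co` host) and on the sanity check URL (a `www.www.` host), since neither matches `hostname` exactly.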

Release History

Version 1.0, July 29, 2017

Initial Release

CREDITS: Netflix-Skunkworks
DOWNLOAD repulsive-grizzly