"The Codenomicon tools are amazing. Using them is like being attacked by the most relentless adversary who uses every possible method to find flaws in your code
We fixed subtle crash bugs in Samba that had been in the code for over ten years. We would never have found those bugs without the Codenomicon tools.
If you're serious about implementing protocols correctly, you need the Codenomicon tools."
-- Jeremy Allison,
Co Creator of Samba
Products by Protocol
HTTP Server Suite Data Sheet
- Test Suite: HTTP Server Suite
- Direction: Server
Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. This test suite can be used to test HTTP Server implementations for security flaws and robustness problems.
Used specifications
| Specification | Title |
|---|---|
| RFC850 | Standard for Interchange of USENET Messages |
| RFC1123 | Requirements for Internet Hosts - Application and Support |
| RFC1808 | Relative Uniform Resource Locators |
| RFC1945 | Hypertext Transfer Protocol -- HTTP/1.0 |
| RFC2068 | Hypertext Transfer Protocol -- HTTP/1.1 |
| RFC2109 | HTTP State Management Mechanism |
| RFC2396 | Uniform Resource Identifiers (URI): Generic Syntax |
| RFC2616 | Hypertext Transfer Protocol -- HTTP/1.1 |
| RFC2617 | HTTP Authentication: Basic and Digest Access Authentication |
| RFC2743 | Generic Security Service Application Program Interface Version 2, Update 1 |
| RFC2965 | HTTP State Management Mechanism |
| RFC3986 | Uniform Resource Identifier (URI): Generic Syntax |
| RFC4178 | The Simple and Protected Generic Security Service Application Program Interface (GSS-API) Negotiation Mechanism |
| RFC5843 | Additional Hash Algorithms for HTTP Instance Digests |
| RFC5861 | HTTP Cache-Control Extensions for Stale Content |
| RFC5987 | Character Set and Language Encoding for Hypertext Transfer Protocol (HTTP) Header Field Parameters |
| RFC6266 | Use of the Content-Disposition Header Field in the Hypertext Transfer Protocol (HTTP) |
| draft-hixie-thewebsocketprotocol-35 | The Web Socket protocol |
| MS-NLMP | NT LAN Manager (NTLM) Authentication Protocol Specification |
| MS-SPNG | Simple and Protected Generic Security Service Application Program Interface Negotiation Mechanism (SPNEGO) Protocol Extensions |
Test tool general features
- Fully automated black-box negative testing
- Ready-made test cases
- Written in Java(tm)
- GUI, command line, remote interface modes
- Instrumentation (health-check) capability
- Support and maintenance
- Comprehensive user documentation
- Results reporting and analysis
Tool-specific information
| Tested messages | Notes | Specifications |
|---|---|---|
| GET | RFC2616 | |
| OPTIONS | RFC2616 | |
| HEAD | RFC2616 | |
| POST | RFC2616 | |
| PUT | RFC2616 | |
| DELETE | RFC2616 | |
| TRACE | RFC2616 | |
| CONNECT | RFC2616 | |
| LINK | RFC1945 | |
| UNLINK | RFC1945 | |
| The Web Socket Handshake | draft-hixie-thewebsocketprotocol-35 |
Select Protocol:
List of available test suites. Please note that the information in these sheets is subject to periodical change.
Test Tool Datasheet:
Contact Us:
Contact us for more information