close search bar

Sorry, not available in this language yet

close language selection
WebSocket Server Test Suite Data Sheet
Test Suite:
WebSocket Server Test Suite
Direction:
Server

The WebSocket protocol enables bi-directional, full-duplex communication channel over a single TCP socket. The WebSocket Protocol is designed to work between web browsers and servers, but it can be used in any application. The goal of the WebSocket protocol is to provide a mechanism for applications in web browsers that need two-way communication with servers that does not rely on opening multiple HTTP connections. This test suite can be used to test WebSocket servers for security flaws and robustness problems. The test suite contains test cases for testing WebSocket protocol specific operations like WebSocket Handshake and control frames. Additionally the test suite can be configured to test web service specific payload which goes over the WebSocket.

Used specifications

Specification
Title
Notes
RFC6455
The WebSocket Protocol
RFC6454
The Web Origin Concept
RFC3986
Uniform Resource Identifier (URI): Generic Syntax
Parts that are needed in WebSocket Handshake
RFC2616
Hypertext Transfer Protocol -- HTTP/1.1
Parts that are needed in WebSocket Handshake
RFC2617
HTTP Authentication: Basic and Digest Access Authentication
Parts that are needed in WebSocket Handshake

Tool-specific information

Tested messages
Notes
Specifications
WebSocket Handshake Request
RFC6455
WebSocket Control Frame - Close
RFC6455
WebSocket Control Frame - Ping
RFC6455
WebSocket Control Frame - Pong
RFC6455
WebSocket Data Frame
RFC6455

Feature
Description
WebSocket payload fuzzing

Payload that goes over WebSocket can be fuzzed.

JSON payload fuzzing

Specific test cases are generated for JSON payload.

Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis