| 1 | #!/bin/bash |
| 2 | # Red-team: Resilience/chaos โ retry storms, partial failure, cache desync, config stale |
| 3 | SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" |
| 4 | source "$SCRIPT_DIR/../config.sh" |
| 5 | OUT="$OUT/resilience" |
| 6 | mkdir -p "$OUT" |
| 7 | |
| 8 | echo '=== RESILIENCE & CHAOS RED-TEAM ===' | tee "$OUT/summary.txt" |
| 9 | |
| 10 | # Retry storm simulation (rapid reconnects without completing) |
| 11 | echo '--- Connection Retry Storm (20 parallel half-open) ---' | tee -a "$OUT/summary.txt" |
| 12 | for i in $(seq 1 20); do |
| 13 | curl -sk -o /dev/null --max-time 2 --connect-timeout 1 "$TARGET/" &>/dev/null & |
| 14 | done |
| 15 | wait |
| 16 | echo 'Retry storm complete โ check if server is still responsive' | tee -a "$OUT/summary.txt" |
| 17 | resp=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 "$TARGET/") |
| 18 | echo "[$resp] Server response after storm" | tee -a "$OUT/summary.txt" |
| 19 | |
| 20 | # Slow Loris style โ keep connections open with slow headers (test connection limit) |
| 21 | echo '' | tee -a "$OUT/summary.txt" |
| 22 | echo '--- Slow Client (large response streaming) ---' | tee -a "$OUT/summary.txt" |
| 23 | resp=$(curl -sk -o /dev/null -w '%{http_code} %{time_total}' --max-time 15 --limit-rate 1 "$TARGET/") |
| 24 | echo "[$resp] Slow download test" | tee -a "$OUT/summary.txt" |
| 25 | |
| 26 | # Cache desync โ different Accept headers same URL |
| 27 | echo '' | tee -a "$OUT/summary.txt" |
| 28 | echo '--- Cache Desync via Accept Header ---' | tee -a "$OUT/summary.txt" |
| 29 | r1=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 -H 'Accept: application/json' "$TARGET/") |
| 30 | r2=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 -H 'Accept: text/html' "$TARGET/") |
| 31 | r3=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 -H 'Accept: */*' "$TARGET/") |
| 32 | echo "[$r1] Accept: application/json" | tee -a "$OUT/summary.txt" |
| 33 | echo "[$r2] Accept: text/html" | tee -a "$OUT/summary.txt" |
| 34 | echo "[$r3] Accept: */*" | tee -a "$OUT/summary.txt" |
| 35 | |
| 36 | # Rate-limit cascade โ send exactly at limit, then burst to check cascade |
| 37 | echo '' | tee -a "$OUT/summary.txt" |
| 38 | echo '--- Rate Limit Cascade Test (80 rapid requests) ---' | tee -a "$OUT/summary.txt" |
| 39 | declare -A rcounts |
| 40 | for i in $(seq 1 80); do |
| 41 | code=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 3 "$TARGET/") |
| 42 | rcounts[$code]=$(( ${rcounts[$code]:-0} + 1 )) |
| 43 | done |
| 44 | for code in "${!rcounts[@]}"; do |
| 45 | echo " HTTP $code: ${rcounts[$code]} times" | tee -a "$OUT/summary.txt" |
| 46 | done |
| 47 | |
| 48 | # Circuit breaker test โ rapid 404 errors to trip circuit |
| 49 | echo '' | tee -a "$OUT/summary.txt" |
| 50 | echo '--- Circuit Breaker Trip (repeated 404s) ---' | tee -a "$OUT/summary.txt" |
| 51 | declare -A cbcounts |
| 52 | for i in $(seq 1 30); do |
| 53 | code=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 5 "$TARGET/nonexistent-$RANDOM") |
| 54 | cbcounts[$code]=$(( ${cbcounts[$code]:-0} + 1 )) |
| 55 | done |
| 56 | for code in "${!cbcounts[@]}"; do |
| 57 | echo " HTTP $code: ${cbcounts[$code]} times" | tee -a "$OUT/summary.txt" |
| 58 | done |
| 59 | resp=$(curl -sk -o /dev/null -w '%{http_code}' --max-time 10 "$TARGET/") |
| 60 | echo "[$resp] Server still responds after 404 storm" | tee -a "$OUT/summary.txt" |
| 61 | |
| 62 | cat "$OUT/summary.txt" |
| 63 |
Script Viewer
Red Team Suite › 18_resilience_chaos.sh