>>> Client Simulator <<< > Simpler is Better < What it is --- This tools simply simulates HTTP traffic to one ore more web applications from a single source. It just makes life easier when you want to simulate some behavior, mix legitimate and malicious traffic, test some browsing scenarios etc. What it is not --- A tool to perform a DoS attack, as it is asymetric, but the other way: 1 against n. If you don"t understand that statement ask yourself how the hell you got here. How it works --- Simple. The clientsim.pl script calls the clientsim.conf file. clientsim.conf --- The configuration file is built of several sections which define the behaviour of each simulated client. A section is identified with a name between brackets. Options - 4 options have to be defined below the section name, they are identified by a leading star "*". *address:<value> IP address of the target application *weight:<value> Multiplicator for all the timers defined in the section: recuuring delay and think time. *recurring-delay:<value> Delay in seconds before the scenario is played again when completed. *disabled:<0|1> (optional, default: 0) Specifies if the section is active or not. Browsing scenario - A scenario is defined with two types of directives: requests and think time. Requests - They are detailed with a method (GET or POST), then the URI (including the querystring). In case of data to be posted, they must be appended to the URI, separated by a pipe "|". examples: GET /search.php?item=1001&display=1 POST /login.asp?new=true|login=foo&pass=bar Think time - The THINK directive makes it possible to define a wait delay before next requests are executed. The format of the directive is: THINK <minimum_delay>:<maximum_delay> These delays are subject to the recurring-delay option. Example file - An exemple file is provided with the archive: clientsim.conf.full.