Skip to content

Commit 95bc6a9

Browse files
MDA2AVMDA2AV
committed
Update README
1 parent 5422b2f commit 95bc6a9

1 file changed

Lines changed: 4 additions & 3 deletions

File tree

README.md

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -4,15 +4,16 @@ HTTP/1.1 server compliance and security tester. Sends malformed, ambiguous, and
44

55
**Website:** [mda2av.github.io/Http11Probe](https://MDA2AV.github.io/Http11Probe/) — full documentation, test glossary with RFC citations, and live probe results across all tested servers.
66

7-
## 203 Tests across 5 Categories
7+
## 215 Tests across 6 Categories
88

99
| Category | Tests | What it covers |
1010
|----------|------:|----------------|
1111
| **Compliance** | 76 | RFC 9110/9112 protocol requirements — bare LF, obs-fold, missing Host, invalid versions, chunked encoding, connection semantics, upgrade handling, etc. |
1212
| **Smuggling** | 87 | CL/TE ambiguity, duplicate Content-Length, pipeline desync, TE obfuscation, chunk extension abuse, bare LF in chunked framing, URI/Host mismatch |
1313
| **Malformed Input** | 26 | Binary garbage, oversized URLs/headers/methods, NUL bytes, control characters, integer overflow, overlong UTF-8, encoded CRLF injection |
1414
| **Normalization** | 5 | Header name casing, whitespace trimming, and other normalization behaviors |
15-
| **Caching** | 9 | Conditional request support — ETag, Last-Modified, If-None-Match precedence, weak comparison, edge cases |
15+
| **Cookies** | 12 | Cookie parsing, Set-Cookie handling, and RFC 6265bis compliance |
16+
| **Capabilities** | 9 | Server capability detection — keep-alive, pipelining, chunked responses (unscored) |
1617

1718
Each test is scored against RFC normative language (MUST/SHOULD/MAY) and classified as **Pass**, **Fail**, or **Warn** (when the RFC permits both strict and lenient behavior).
1819

@@ -46,7 +47,7 @@ dotnet run --project src/Http11Probe.Cli -- --host localhost --port 8080
4647
|------|-------------|---------|
4748
| `--host` | Target hostname or IP address | `localhost` |
4849
| `--port` | Target port number | `8080` |
49-
| `--category` | Run only tests in this category (`Compliance`, `Smuggling`, `MalformedInput`, `Normalization`, `Capabilities`) | all |
50+
| `--category` | Run only tests in this category (`Compliance`, `Smuggling`, `MalformedInput`, `Normalization`, `Cookies`, `Capabilities`) | all |
5051
| `--test` | Run only specific test IDs, case-insensitive (repeatable) | all |
5152
| `--timeout` | Connect and read timeout in seconds per test | `5` |
5253
| `--output` | Write JSON results to file ||

0 commit comments

Comments
 (0)