Skip to content

Commit d082174

Browse files
MDA2AVMDA2AV
committed
Update README
1 parent 1f53d83 commit d082174

1 file changed

Lines changed: 3 additions & 2 deletions

File tree

README.md

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,14 +4,15 @@ HTTP/1.1 server compliance and security tester. Sends malformed, ambiguous, and
44

55
**Website:** [mda2av.github.io/Http11Probe](https://MDA2AV.github.io/Http11Probe/) — full documentation, test glossary with RFC citations, and live probe results across all tested servers.
66

7-
## 194 Tests across 4 Categories
7+
## 203 Tests across 5 Categories
88

99
| Category | Tests | What it covers |
1010
|----------|------:|----------------|
1111
| **Compliance** | 76 | RFC 9110/9112 protocol requirements — bare LF, obs-fold, missing Host, invalid versions, chunked encoding, connection semantics, upgrade handling, etc. |
1212
| **Smuggling** | 87 | CL/TE ambiguity, duplicate Content-Length, pipeline desync, TE obfuscation, chunk extension abuse, bare LF in chunked framing, URI/Host mismatch |
1313
| **Malformed Input** | 26 | Binary garbage, oversized URLs/headers/methods, NUL bytes, control characters, integer overflow, overlong UTF-8, encoded CRLF injection |
1414
| **Normalization** | 5 | Header name casing, whitespace trimming, and other normalization behaviors |
15+
| **Caching** | 9 | Conditional request support — ETag, Last-Modified, If-None-Match precedence, weak comparison, edge cases |
1516

1617
Each test is scored against RFC normative language (MUST/SHOULD/MAY) and classified as **Pass**, **Fail**, or **Warn** (when the RFC permits both strict and lenient behavior).
1718

@@ -45,7 +46,7 @@ dotnet run --project src/Http11Probe.Cli -- --host localhost --port 8080
4546
|------|-------------|---------|
4647
| `--host` | Target hostname or IP address | `localhost` |
4748
| `--port` | Target port number | `8080` |
48-
| `--category` | Run only tests in this category (`Compliance`, `Smuggling`, `MalformedInput`, `Normalization`) | all |
49+
| `--category` | Run only tests in this category (`Compliance`, `Smuggling`, `MalformedInput`, `Normalization`, `Capabilities`) | all |
4950
| `--test` | Run only specific test IDs, case-insensitive (repeatable) | all |
5051
| `--timeout` | Connect and read timeout in seconds per test | `5` |
5152
| `--output` | Write JSON results to file ||

0 commit comments

Comments
 (0)