How to use the command 'vegeta' (with examples)
The ‘vegeta’ command-line utility and library is used for HTTP load testing. It allows users to send a stream of HTTP requests to a target URL and analyze the results.
Use case 1: Launch an attack lasting 30 seconds
Code:
echo "GET https://example.com" | vegeta attack -duration=30s
Motivation: This use case is useful when you want to simulate an attack on a specific URL and measure its performance over a period of time. By specifying the attack duration, you can control the length of the load test.
Explanation:
echo "GET https://example.com": This command sends a GET request to the specified URL.vegeta attack: This command initiates an attack using the requests piped from the previous command.-duration=30s: This argument sets the duration of the attack to 30 seconds.
Example output:
Requests [total, rate] 1500, 50.07
...
Use case 2: Launch an attack on a server with a self-signed HTTPS certificate
Code:
echo "GET https://example.com" | vegeta attack -insecure -duration=30s
Motivation: This use case is helpful when the target server has a self-signed HTTPS certificate, which may cause the attack to fail due to certificate validation errors. By using the -insecure flag, certificate validation is disabled, allowing the attack to proceed.
Explanation:
-insecure: This argument disables SSL/TLS certificate validation when making requests to a target server.- All other arguments have the same meaning as in the previous use case.
Example output:
Requests [total, rate] 1500, 50.07
...
Use case 3: Launch an attack with a rate of 10 requests per second
Code:
echo "GET https://example.com" | vegeta attack -duration=30s -rate=10
Motivation: In this use case, you can specify the rate at which the attack should be conducted. This is useful when you want to limit the request rate to a specific value, allowing you to test the target’s performance under certain load conditions.
Explanation:
-rate=10: This argument sets the rate of the attack to 10 requests per second.
Example output:
Requests [total, rate] 300, 10.00
...
Use case 4: Launch an attack and display a report
Code:
echo "GET https://example.com" | vegeta attack -duration=30s | vegeta report
Motivation: After conducting an attack, it is important to analyze the results. By using the vegeta report command, you can obtain a detailed report containing various metrics such as the number of requests, successful requests, and response timings.
Explanation:
vegeta report: This command generates a detailed report using the attack results piped from the previous command.
Example output:
Requests [total, rate] 1500, 50.07
...
Latencies [mean, 50, 95, 99, max] 2.383s, 1.130s, 3.666s, 6.157s, 8.054s
...
Use case 5: Launch an attack and plot the results on a graph (latency over time)
Code:
echo "GET https://example.com" | vegeta attack -duration=30s | vegeta plot > path/to/results.html
Motivation: Visualizing the results of an attack can provide a better understanding of the performance characteristics of the target. By using the vegeta plot command, you can generate a graph showing the latency of each request over time.
Explanation:
vegeta plot: This command generates an HTML file containing a graph of latency over time using the attack results piped from the previous command.> path/to/results.html: This redirects the output of the command to a specified file location.
Example output: An HTML file containing a graph of latency over time.
Use case 6: Launch an attack against multiple URLs from a file
Code:
vegeta attack -duration=30s -targets=requests.txt | vegeta report
Motivation: Testing multiple URLs simultaneously is often necessary to identify any differences in performance or vulnerabilities across different endpoints. The -targets flag allows you to specify a file containing a list of URLs to attack.
Explanation:
-targets=requests.txt: This argument specifies the filerequests.txt, which contains a list of URLs to be attacked.
Example output:
Requests [total, rate] 1500, 50.07
...
Conclusion:
The ‘vegeta’ command-line utility provides powerful capabilities for HTTP load testing. By using the different options and flags available, you can customize the attack parameters, analyze the results, and visualize the performance of your target. Whether you need to conduct a quick load test or perform more detailed analysis, ‘vegeta’ is a versatile tool that can meet your needs effectively.
