Skip to content

akto-api-security/traffic-generator

BranchesTags

Repository files navigation

Traffic Coverage Generator

A comprehensive traffic generation tool using wrk that creates realistic load testing scenarios with multiple hosts and APIs using company data as payload.

Features

  • Configurable Hosts & APIs: Generate traffic to configurable number of unique hosts and API endpoints
  • Realistic Payloads: Uses company schema data to generate realistic JSON payloads
  • Multiple HTTP Methods: Supports both POST and PUT requests
  • Random Data Generation: Creates varied, realistic company information
  • Comprehensive Logging: Detailed performance metrics and error reporting
  • Flexible Configuration: Easy to customize test parameters

Prerequisites

Install wrk

macOS:

brew install wrk

Ubuntu/Debian:

sudo apt-get install wrk

CentOS/RHEL:

sudo yum install wrk

Usage

Quick Start

Run with default settings (1000 unique hosts, 1000 unique APIs):

./run-traffic-test.sh

Custom Configuration

./run-traffic-test.sh [unique_hosts] [unique_apis] [duration] [threads] [connections] [target_url]

Parameters:

  • unique_hosts: Number of unique hosts to target (default: 1000)
  • unique_apis: Number of unique API endpoints (default: 1000)
  • duration: Test duration in seconds (default: 30)
  • threads: Number of threads (default: 4)
  • connections: Number of connections (default: 100)
  • target_url: Base URL for requests (default: http://localhost:8085)

Examples

Basic test with 500 hosts and 500 APIs:

./run-traffic-test.sh 500 500

High-load test with custom parameters:

./run-traffic-test.sh 2000 2000 60 8 200 http://api.example.com

Short test for development:

./run-traffic-test.sh 100 100 10 2 50 http://localhost:8085

Using Predefined Test Configurations

Source the test configurations and run predefined tests:

source test-configs.sh

# Run a smoke test (quick 10-second test)
smoke_test

# Run a light load test
light_test

# Run a medium load test
medium_test

# Run a heavy load test
heavy_test

# Run an extreme load test
extreme_test

Direct wrk Usage

You can also run wrk directly with the Lua script:

wrk -t4 -c100 -d30s -s traffic-generator.lua --latency http://localhost:8085 1000 1000

Generated Traffic

Host Patterns

The script generates hosts in the format:

  • http://api-{1..N}.example.com:{8000..9000}
  • https://api-{1..N}.example.com:{8000..9000}

API Endpoints

Generated API patterns include:

  • /api/v1/companies
  • /api/v2/companies
  • /companies
  • /business/companies
  • /data/companies
  • /rest/companies
  • /graphql/companies
  • And more with random suffixes

Request Payloads

Each request contains a randomly generated company object based on the company-schema.json:

{
  "companyId": "COMP-abc12345",
  "companyName": "TechCorp xyz9",
  "headquarters": {
    "address": {
      "street": "1234 Main St",
      "city": "San Francisco",
      "state": "CA",
      "zipCode": "94105",
      "country": "USA"
    },
    "contact": {
      "phone": "+1-555-123-4567",
      "email": "[email protected]",
      "fax": "+1-555-987-6543"
    }
  },
  "financials": {
    "revenue": 50000000,
    "employees": 250,
    "valuation": 100000000,
    "departments": {
      "engineering": {
        "headcount": 100,
        "budget": 5000000,
        "location": "San Francisco"
      },
      "sales": {
        "headcount": 50,
        "budget": 2000000,
        "region": "CA"
      }
    }
  },
  "metadata": {
    "founded": "2010",
    "industry": "Technology",
    "description": "A leading Technology company focused on innovation and growth.",
    "legal": {
      "taxId": "TAX-12345678",
      "registration": "REG-87654321",
      "status": "ACTIVE"
    }
  }
}

Headers

Each request includes:

  • Content-Type: application/json
  • Accept: application/json
  • User-Agent: wrk-traffic-generator/1.0
  • X-Request-ID: {random-16-char-string}
  • X-Client-ID: client-{random-8-char-string}
  • Optional: X-Correlation-ID, Authorization (randomly added)

Output

Console Output

The script displays real-time metrics including:

  • Requests per second
  • Latency statistics
  • Error counts
  • 95th percentile latency

Log Files

All test results are saved to logs/traffic_test_YYYYMMDD_HHMMSS.log

Performance Considerations

  • Memory Usage: Large numbers of unique hosts/APIs may increase memory usage
  • Network Load: High connection counts may saturate network interfaces
  • Target Capacity: Ensure your target system can handle the generated load
  • Monitoring: Monitor system resources during testing

Customization

Modifying Host Generation

Edit the generate_host() function in traffic-generator.lua to change host patterns.

Adding New API Patterns

Modify the api_patterns array in the generate_api() function.

Customizing Payload Data

Update the sample data arrays (company names, industries, cities, etc.) in the Lua script.

Adding New HTTP Methods

Modify the method selection logic in the request() function.

Troubleshooting

Common Issues

  1. wrk not found: Install wrk using the instructions above
  2. Permission denied: Make sure the shell script is executable (chmod +x run-traffic-test.sh)
  3. High error rates: Check if the target URL is accessible and can handle the load
  4. Memory issues: Reduce the number of unique hosts/APIs or connection count

Debug Mode

For debugging, you can modify the Lua script to log more information by uncommenting print statements or adding custom logging.

License

This project is open source and available under the MIT License.

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages