Published on

Narf's HTTP Garden Enables Differential Analysis

Authors
  • avatar
    Name
    Ben Kallus
    Twitter
  • avatar
    Name
    Prashant Anantharaman
    Twitter

We would like to announce the release of The HTTP Garden. The HTTP Garden is a collection of HTTP servers and proxies configured to be composable, along with scripts to quickly and easily search for discrepancies between them.

Our servers are configured to respond in a standardized format exposing the values parsed from the HTTP request, including the headers, body, protocol version, URI, and method. The proxies are configured to redirect incoming requests to a server that echoes back the request as-is, allowing the effect of the proxy to be easily observed. Each server and proxy runs within its own Docker container orchestrated by Docker Compose, and is built from source when possible.

You can check out our ShmooCon talk and try our tool at GitHub.

Disclaimer: This material is based in part upon work supported by the Defense Advanced Research Projects Agency (DARPA) under Contract No. HR001119C0073. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the Defense Advanced Research Projects Agency (DARPA).