Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time
June 6, 2021 19:38
June 6, 2021 20:23
June 6, 2021 19:29
September 25, 2022 00:46
June 6, 2021 20:23
June 6, 2021 20:23


reqstress is a benchmarking&stressing tool that can send raw HTTP requests. It's written in Go and uses fasthttp library instead of Go's default http library, because of its lightning-fast performance.

Why Do We Need Another Benchmarking Tool?

There are really great benchmarking tools out there such as wrk, bombardier, hey, ab. Some of them don't support sending custom requests, they are only sending a GET request to a given URL. Some of them support custom requests but it's really hard to craft one by using command line parameters. I wanted to create a tool that can read a raw HTTP request from a text file and replays it.

So, you can copy your favorite request from Burp Suite, Fiddler etc. and pass it to the reqstresser directly. It would be useful for stressing authenticated endpoints and specific requests that create a huge load.

reqstress vs. Other Tools

reqstresser is not the fastest benchmarking tool, but it's not bad either. I tested couple of popular tools on a $20 Linode server with same amount of threads. Here is the result:

Tool Num. of Sent Requests Duration
wrk ~45000 10s
bombardier ~41000 10s
ab ~40000 10s
reqstress ~39304 10s
hey ~35127 10s ~10913 10s


From Binary

You can download the pre-built binaries from the releases page and run. For example:


tar xzvf reqstress_0.1.4_Linux_amd64.tar.gz

./reqstress --help

From Source

  1. Install Go on your system
  2. Run: go install


reqstress requires 6 parameters to run:

-r : Path of the request file. For example: -r request.txt. Request file should contain a raw HTTP request. For example:

POST /wp-login.php HTTP/1.1
Content-Length: 107
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7
Cookie: wordpress_test_cookie=WP%20Cookie%20check
Connection: close


-w : The number of workers to run (e.g -w 750). The default value is 500. You can increase or decrease this by testing out the capability of your system.

-d : Duration of the test (in seconds) (e.g -d 60). Default is infinite.

-https : Target protocol. Can be true or false (e.g -https=false). Default is true

-t : Request timeout. (e.g -t 1). Default is 5(seconds)