HTTP-BYPASS stress test

A versatile Layer 7 HTTP flood that pressures sites behind low to mid tier protections to validate rate limiting and request filtering.

Run HTTP-BYPASS test → All methods

200k rq/s

peak request rate

How it works

This method generates a high volume of well-formed HTTP requests distributed across a rotating proxy pool so traffic appears to come from many distinct clients. It targets the request-handling path: application threads, connection pools, and any caching or rate-limiting layer in front of the origin. Run it to confirm that low and medium tier defenses correctly throttle distributed request floods before they reach your application logic.

Parameters

threads1-16Worker threads generating requests in parallel.

rate200k rq/sTarget request rate per second across the pool.

streams10-500Concurrent connections held open per worker.

duration30s-30mLength of the sustained request flood.

Run it from the CLI

retro-cli

$ retro run http-bypass --target https://example.com --rps 800 --duration 120

HTTP-BYPASS FAQ

Is HTTP-BYPASS testing legal?+

Only against infrastructure you own or are authorized to test. RETRO//STRESS requires authorized targets.

What does HTTP-BYPASS stress?+

A versatile Layer 7 HTTP flood that pressures sites behind low to mid tier protections to validate rate limiting and request filtering.

Can I combine it with other methods?+

Yes, add it as a step in a packet chain to sequence it with other protocols.