Automic VaultAutomic Vault

brew

Install slowhttptest with Homebrew, apt, MacPorts, Nix, pacman

Simulates application layer denial of service attacks. Version 1.9.0 via Homebrew; verified 2026-05-12.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install slowhttptest

local Homebrew formula metadata

MacPortsverified · 94%
sudo port install slowhttptest

MacPorts ports tree · www/slowhttptest/Portfile · source: api.github.com

Linux

Debian aptverified · 92%
sudo apt install slowhttptest

Debian stable package indexes · slowhttptest · source: deb.debian.org

Nixverified · 92%
nix profile install nixpkgs#slowhttptest

nixpkgs package indexes · pkgs/by-name/sl/slowhttptest/package.nix · source: api.github.com

Arch Linux pacmanverified · 92%
sudo pacman -S slowhttptest

Arch Linux sync databases · slowhttptest · source: geo.mirror.pkgbuild.com

overview

Package summary

Simulates application layer denial of service attacks

Commands and aliases

  • slowhttptest

history

Project history and usage

SlowHTTPTest is a command-line security testing tool that simulates application-layer denial-of-service attacks by prolonging HTTP connections in several ways. Its README frames it as a configurable way to test web servers for DoS vulnerability or connection-handling limits.

Project history

The official GitHub wiki says the project moved from Google Code. The wiki timeline records the first version on 2011-08-24, version 1.1 for Apache Range header testing on 2011-08-27, version 1.3 with Slow Read support on 2011-12-28, version 1.4 with `poll()` support on 2012-01-28, and version 1.6 on 2013-11-25.

The GitHub release list preserves that migration history: v1.6 is named as from the Google Code period, v1.7 as the first post-Google Code release, and later releases include v1.8 in 2019, v1.8.2 in 2020, and v1.9.0 in 2022.

Adoption history

SlowHTTPTest became a standard small-package security tool because it wraps slowloris, Slow HTTP POST, Slow Read, and Apache Range-style tests into one CLI. The input facts list it in Homebrew, Debian, Ubuntu, MacPorts, Nix, and pacman-family systems.

Homebrew's formula API reported 277 installs-on-request over 365 days for the batch's lookup window, matching a specialist tool that is installed when a user needs to test a web server rather than kept as a daily shell utility.

How it is used

The official README describes testing web servers for DoS vulnerabilities or determining how many concurrent connections they can handle. It says the tool works on many Linux platforms, OS X, and Cygwin, and points to the wiki for installation and usage details.

The wiki explains that the tool sends partial HTTP requests or reads responses slowly to exercise server resource handling. Its usage should be limited to systems the user is authorized to test.

Why package nerds care

SlowHTTPTest is package-nerd significant because it keeps a historically important class of HTTP DoS tests available as a reproducible CLI package instead of scattered proof-of-concept scripts.

It also shows how security tooling often survives package-manager adoption after project hosting moves: Google Code history, GitHub releases, distro packages, and Homebrew all preserve the same operational utility.

Timeline

  • 2011: First version of slowhttptest released.
  • 2011: Version 1.3 added Slow Read DoS support.
  • 2012: Version 1.4 added `poll()` support and a man page.
  • 2013: Version 1.6 released during the Google Code era.
  • 2016: GitHub releases list v1.7 as the first post-Google Code release.
  • 2022: GitHub release v1.9.0 published.

Related projects

  • The official wiki discusses slowloris, Slow HTTP POST, Slow Read, and Apache Range Header attack testing as related attack classes.
  • The tool is often packaged alongside other web and network security testing utilities in operating-system and developer package managers.

security posture

No protected-tool coverage found yet

No matching local secret-handling manifest was found for slowhttptest. Nucleus package metadata is still published here so future coverage has a stable package URL.

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 1 runtime dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
slowhttptestcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.9.0
manager updated2026-05-12
local dataok
upstreamcurrent
latest detectedv1.9.0

https://github.com/shekyan/slowhttptest

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:slowhttptest
Version1.9.0
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/slowhttptest
Homepagehttps://github.com/shekyan/slowhttptest
Repositoryhttps://github.com/shekyan/slowhttptest
Upstream docshttps://github.com/shekyan/slowhttptest#readme
LicenseApache-2.0
Source archivehttps://github.com/shekyan/slowhttptest/archive/refs/tags/v1.9.0.tar.gz
Last updated2026-05-12T21:46:12Z
Pulseupdated
Dependenciesopenssl@4
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameslowhttptest
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt95%

slowhttptest 1.9.0-1+b1

application layer Denial of Service attacks simulation tool

https://github.com/shekyan/slowhttptest

sudo apt install slowhttptest
  • Section: net
  • Architecture: amd64
  • Source Package: slowhttptest
  • 4 dependencies
  • normalized package name match
  • Matched by: Slowhttptest
Debian stable package indexes · deb.debian.org · Debian stable package indexes: slowhttptest from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Nix95%

slowhttptest

nix profile install nixpkgs#slowhttptest
  • normalized package name match
  • Matched by: Slowhttptest
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/sl/slowhttptest/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
Ubuntu apt95%

slowhttptest 1.9.0-1build2

application layer Denial of Service attacks simulation tool

https://github.com/shekyan/slowhttptest

sudo apt install slowhttptest
  • Section: universe/net
  • Architecture: amd64
  • 4 dependencies
  • normalized package name match
  • Matched by: Slowhttptest
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: slowhttptest from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz
pacman95%

slowhttptest 1.9.0-2

Highly configurable tool that simulates some Application Layer Denial of Service (DoS) attacks

https://github.com/shekyan/slowhttptest

sudo pacman -S slowhttptest
  • License: Apache
  • Architecture: x86_64
  • 3 dependencies
  • normalized package name match
  • Matched by: Slowhttptest
Arch Linux sync databases · geo.mirror.pkgbuild.com · Arch Linux sync databases: slowhttptest from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz
MacPorts95%

slowhttptest

sudo port install slowhttptest
  • normalized package name match
  • Matched by: Slowhttptest
MacPorts ports tree · api.github.com · MacPorts ports tree: www/slowhttptest/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment