Web Application Analysishttpbenchmarkingstress-testload-testingregression-testing

siege

Siege is an HTTP regression testing and benchmarking utility that stress tests URLs with simulated users. It reports hits, bytes transferred, response time, concurrency, and return status.

Description

Siege is a regression test and benchmark utility designed to stress test web applications. It can target a single URL with a user-defined number of simulated users or load multiple URLs into memory for simultaneous stressing. The tool supports HTTP/1.0 and 1.1 protocols, GET and POST directives, cookies, transaction logging, and basic authentication, with features configurable per user.

Use cases include performance benchmarking, load testing web servers, and debugging applications by simulating concurrent user traffic. It reports comprehensive metrics like total hits, bytes transferred, response times, concurrency levels, and HTTP return status, making it valuable for assessing server capacity under stress.

This Kali package includes HTTPS support, obsoleting the separate siege-ssl package. Related utilities like bombardment enable ramped-up client testing, while siege.config builds user-specific configuration templates.

How It Works

Siege simulates multiple concurrent users hitting URLs, either singly or from a file, using HTTP/1.0 and 1.1 protocols with GET/POST methods, cookies, and basic auth. It measures and reports transaction details including response times, data transfer, and status codes. bombardment incrementally increases client count across trials, overriding defaults like inter-request delays.

Installation

bash

sudo apt install siege

Flags

-V, --versionVERSION, prints the version number.

-h, --helpHELP, prints this section.

-C, --configCONFIGURATION, show the current config.

-v, --verboseVERBOSE, prints notification to screen.

-q, --quietQUIET turns verbose off and suppresses output.

-g, --getGET, pull down HTTP headers and display the transaction. Great for application debugging.

-p, --printPRINT, like GET only it prints the entire page.

Examples

Display the help section and usage options for siege.

siege -h

Pull down HTTP headers from the specified URL and display the transaction for debugging.

siege -g URL

Run siege with options on a single URL for stress testing.

siege [options] URL

Build a siege.conf template in the user's home directory.

siege.config

Show usage for bombardment, which runs siege with incrementally increasing users.

bombardment --help

Run siege starting with 5 clients, increment by 10 for 20 trials, 1 second delay between requests.

bombardment urls.txt 5 10 20 1

Updated 2026-04-16kali.org ↗