Torque Scanner

Torque Scanner is a cross‑platform network reconnaissance and audit tool designed to perform repeated HTTP requests with randomized user agent rotation, timing jitter, and optional Tor routing. It provides real‑time feedback through a web‑based control panel which automatically launches in your default browser.

1. Launching the Application

Run the binary appropriate for your system:

./torque-scanner      (Linux / macOS)
torque-scanner.exe    (Windows)

On launch, Torque Scanner starts a small local web server and attempts to open your browser automatically. If it does not open, the terminal will display the URL:

http://127.0.0.1:xxxxx/

Copy this into your browser manually.

2. The Control Panel Interface

Once opened, you will see the main interface containing:

  • Target URL – The website or endpoint to be scanned.
  • Request Count – Total number of HTTP GET requests to send.
  • Concurrency – Number of workers (threads).
  • Jitter Settings – Random timing delays between requests.
  • Retry & Backoff Settings – Controls how failed requests are repeated.
  • Tor Settings:
    • Use Tor – Routes traffic through a SOCKS5 Tor proxy at 127.0.0.1:9050.
    • Tor NEWNYM – Requests a new Tor identity between requests (requires the Tor control port at 127.0.0.1:9051).
  • Real‑time Output Panel – Displays live request logs via SSE.

3. Starting a Scan

Enter your target URL (e.g., http://example.com). Set your preferred options and click:

INITIATE ATTACK PROBE

You will see each request logged in real time, including:

  • Worker ID
  • HTTP status codes
  • User‑Agent string selected
  • Tor routing notes
  • Retry attempts and backoff delays

4. Stopping a Scan

CEASE ATTACK PROBE

Workers will complete any in‑progress request and halt gracefully.

5. Tor Status Indicator

At the top of the UI, Torque Scanner displays:

  • SOCKS5 availability (port 9050)
  • Control port availability (port 9051)

These indicators update every 3 seconds.

6. Log Files

All scans are logged into:

./logs/tor_scanner_YYYYMMDD_HHMMSS.log

These logs can be used for security audits, debugging, and evidence collection.

Technical Overview & Internal Architecture

1. Overview

Torque Scanner is a concurrency‑driven network interrogation tool designed to evaluate:

  • Endpoint rate limiting
  • User‑agent filtering behavior
  • Load balancing characteristics
  • Tor behavior (through different identities)
  • Error handling and response reliability
  • Infrastructure resiliency under controlled request bursts

It is not a stress‑testing tool. Its purpose is security auditing and behavioral analysis, not overwhelming a service.

2. Architecture Summary

The software is built as a single Go program embedding both an HTTP server and a full web interface.

A. Web UI Server

  • Serves the embedded HTML GUI.
  • Provides:
    • /start – Begins a scan.
    • /stop – Halts a scan.
    • /events – SSE endpoint for live logs.

B. Worker Engine

  • A configurable number of goroutines pull jobs from a channel.
  • Each job represents a single HTTP GET request.
  • Workers:
    • Randomize a user agent
    • Sleep for jitter delay
    • Attempt request with retry & exponential backoff
    • Broadcast results via SSE

C. User Agent Management

  • Loads user-agents.txt if found.
  • Otherwise uses a compact built‑in list.
  • Random selection per request.

D. Tor Integration

Torque Scanner can direct all traffic through:

socks5://127.0.0.1:9050

Workers may optionally trigger a NEWNYM request on the control port, forcing a new Tor exit node identity.

E. Real‑Time Logs (SSE)

All activity is broadcast through Server‑Sent Events:

  • Low latency
  • Auto‑reconnecting
  • Live streaming to all connected browsers

F. Logging Subsystem

Every request is logged to file with:

  • Timestamp
  • Target
  • Worker ID
  • Status code
  • User agent
  • Retry attempts
  • Tor usage notes

3. Why Torque Scanner Is Useful

  • Web Security Testing
  • Tor privacy analysis
  • Endpoint reliability testing
  • Infrastructure diagnostics
  • Educational & research purposes

4. Cross‑Platform Support

  • Linux (x86_64, ARM, ARM64)
  • Windows
  • macOS
  • Raspberry Pi (ARM)

5. Ethical Usage

Torque Scanner is intended for:

  • Your own systems
  • Systems you have permission to test
  • Security auditing and research

Do not use it on systems where you lack authorization.