TORQUE SCANNER - README

USER OPERATION GUIDE

Torque Scanner is a cross‑platform network reconnaissance and audit tool
designed to perform repeated HTTP requests with randomized user agent
rotation, timing jitter, and optional Tor routing. It provides real‑time
feedback through a web‑based control panel which automatically launches
in your default browser.

1. Launching the Application

Run the binary appropriate for your system:

    ./torque-scanner      (Linux / macOS)
    torque-scanner.exe    (Windows)

On launch, Torque Scanner starts a small local web server and attempts
to open your browser automatically. If it does not open, the terminal
will display the URL:

    http://127.0.0.1:xxxxx/

Copy this into your browser manually.

2. The Control Panel Interface

Once opened, you will see the main interface containing:

-   Target URL – The website or endpoint to be scanned.
-   Request Count – Total number of HTTP GET requests to send.
-   Concurrency – Number of workers (threads).
-   Jitter Settings – Random timing delays between requests.
-   Retry & Backoff Settings – Controls how failed requests are
    repeated.
-   Tor Settings:
    -   Use Tor – Routes traffic through a SOCKS5 Tor proxy at
        127.0.0.1:9050.
    -   Tor NEWNYM – Requests a new Tor identity between requests
        (requires the Tor control port at 127.0.0.1:9051).
-   Real‑time Output Panel – Displays live request logs via SSE.

3. Starting a Scan

Enter your target URL (e.g., http://example.com).
Set your preferred options and click:

    INITIATE ATTACK PROBE

You will see each request logged in real time, including:

-   Worker ID
-   HTTP status codes
-   User‑Agent string selected
-   Tor routing notes
-   Retry attempts and backoff delays

4. Stopping a Scan

Press:

    CEASE ATTACK PROBE

Workers will complete any in‑progress request and halt gracefully.

5. Tor Status Indicator

At the top of the UI, Torque Scanner displays:

-   SOCKS5 availability (port 9050)
-   Control port availability (port 9051)

These indicators update every 3 seconds.

6. Log Files

All scans are logged into:

    ./logs/tor_scanner_YYYYMMDD_HHMMSS.log

These logs can be used for security audits, debugging, and evidence
collection.

------------------------------------------------------------------------

TECHNICAL OVERVIEW & INTERNAL ARCHITECTURE

1. Overview

Torque Scanner is a concurrency‑driven network interrogation tool
designed to evaluate:

-   Endpoint rate limiting
-   User‑agent filtering behavior
-   Load balancing characteristics
-   Tor behavior (through different identities)
-   Error handling and response reliability
-   Infrastructure resiliency under controlled request bursts

It is not a stress‑testing tool. Its purpose is security auditing and
behavioral analysis, not overwhelming a service.

2. Architecture Summary

The software is built as a single Go program embedding both:

-   An HTTP server (UI backend)
-   A complete web interface (HTML, CSS, JavaScript)

Major components include:

A. Web UI Server

-   Serves the embedded HTML GUI.
-   Provides:
    -   /start – Begins a scan.
    -   /stop – Halts a scan.
    -   /events – SSE endpoint for live logs.

B. Worker Engine

-   A configurable number of goroutines pull jobs from a channel.
-   Each job represents a single HTTP GET request.
-   Workers:
    -   Randomize a user agent
    -   Sleep for jitter delay
    -   Attempt request with retry & exponential backoff
    -   Broadcast results via SSE

C. User Agent Management

-   Loads user-agents.txt if found.
-   Otherwise uses a compact built‑in list.
-   Random selection per request.

D. Tor Integration

Torque Scanner can direct all traffic through:

    socks5://127.0.0.1:9050

Workers may optionally trigger a NEWNYM request on the control port,
forcing a new Tor exit node identity.

E. Real‑Time Logs (SSE)

All activity is broadcast through Server‑Sent Events:

-   Low latency
-   Auto‑reconnecting
-   Live streaming to all connected browsers.

F. Logging Subsystem

Every request is logged to file with:

-   Timestamp
-   Target
-   Worker ID
-   Status code
-   User agent
-   Retry attempts
-   Tor usage notes

3. Why Torque Scanner Is Useful

Torque Scanner is valuable for:

✔ Web Security Testing
✔ Tor privacy analysis
✔ Endpoint reliability testing
✔ Infrastructure diagnostics
✔ Educational & research purposes

4. Cross‑Platform Support

Torque Scanner can be compiled for:

-   Linux (x86_64, ARM, ARM64)
-   Windows
-   macOS
-   Raspberry Pi (ARM)

5. Ethical Usage

Torque Scanner is intended for:

-   Your own systems
-   Systems you have permission to test
-   Security auditing and research

Do not use it on systems where you lack authorization.

------------------------------------------------------------------------

END OF DOCUMENT
