WebPageTest 原本是由AOL开发内部使用的工具,后来在Google Code上开源, 是一款非常优秀的网页前端性能测试工具。 在线版本http://www.webpagetest.org

Google Code: http://code.google.com/p/webpagetest/

部署WebPageTest 私有实例参考资料




the networking stack on Windows from a browser’s perspective


Function Interception

The key to how WebPagetest works is its ability to intercept arbitrary function calls

and inspect or alter the request or response before passing it on to the original imple-mentation (or choosing not to pass it on at all). Luckily someone else did most of the

heavy lifting and provided a nice open source library (http://newgre.net/ncodehook) that

can take care of the details for you but it basically works like this:

• Find the target function in memory (trivial if it is exported from a dll).

• Copy the first several bytes from the function (making sure to keep x86 instructions


• Overwrite the function entry with a jmp to the new function.

• Provide a replacement function that includes the bytes copied from the original

function along with a jmp to the remaining code.

It’s pretty hairy stuff and things tend to go very wrong if you aren’t extremely careful,

but with well-defined functions (like all of the Windows APIs), you can pretty much

intercept anything you’d like.

One catch is that you can only redirect calls to code running in the same process as the

original function, which is fine if you wrote the code but doesn’t help a lot if you are

trying to spy on software that you don’t control which leads us to…

Code Injection

Lucky for me, Windows provides several ways to inject arbitrary code into processes.

There is a good overview of several different techniques here: http://www.codeproject

.com/KB/threads/winspy.aspx, and there are actually more ways to do it than that but

it covers the basics. Some of the techniques insert your code into every process but I

wanted to be a lot more targeted and just instrument the specific browser instances

that we are interested in, so after a bunch of experimentation (and horrible failures), I

ended up using the CreateRemoteThread/LoadLibrary technique which essentially lets

you force any process to load an arbitrary dll and execute code in it (assuming you have

the necessary rights).

Resulting Browser Architecture


Get the Code

Since WebPagetest is under a BSD license you are welcome to reuse any of the code for

whatever purposes you’d like. The project lives on Google Code here: (http://code.goo

gle.com/p/webpagetest/) and some of the more interesting files are:

• Winsock  API  interception  code  (http://webpagetest.googlecode.com/svn/trunk/


• Code injection (http://webpagetest.googlecode.com/svn/trunk/agent/wpthook/inject


posted @ 2012-07-21 11:10  2012  阅读(11392)  评论(0编辑  收藏  举报