Skip to main content
The bugster destructive command runs AI-powered destructive agents to find potential bugs by simulating edge cases, unexpected user behavior, and malicious inputs that could break your application.

Basic Usage

bugster destructive

Command Overview

Executes specialized AI agents designed to stress-test your application by attempting to break it through aggressive interactions, malicious inputs, and edge case scenarios.

When to Use

  • Before major releases to catch edge case bugs
  • On staging environments to stress-test changes
  • After significant code modifications
  • When you want to find vulnerabilities proactively

Key Features

  • AI agents simulate malicious and edge case user behavior
  • Only targets pages with recent code changes (git diff)
  • Records videos of destructive attempts for debugging
  • Multiple specialized agent types with different attack vectors
  • More aggressive than regular testing approaches
NEVER run against production environments. Destructive agents can cause data corruption, submit forms, delete data, or trigger irreversible actions. Use only on test/staging environments.

Command Syntax

bugster destructive [options]

How It Works

The destructive command:
  1. Change Detection: Identifies pages with recent code changes using git diff
  2. Agent Selection: Deploys specialized destructive agents based on page types
  3. Aggressive Testing: Agents attempt to break functionality through various methods
  4. Result Recording: Captures videos and logs of all destructive attempts
  5. Bug Analysis: Reports potential vulnerabilities and edge case failures

Agent Types

  • UI Crashers
  • Form Destroyer
Priority: HighestAttempts to crash UI components through:
  • Rapid clicking and interaction spam
  • Invalid input combinations
  • Boundary value testing
  • Component state corruption

Execution Options

--headless
boolean
Run agents in headless mode without visible browser UI. Recommended for CI/CD environments.
--parallel
integer
default:"3"
Maximum number of concurrent agents to run simultaneously. Higher values increase testing speed but use more resources.
--max-concurrent
integer
default:"3"
Alias for --parallel. Specifies the maximum number of agents to run concurrently.
--limit
integer
default:"5"
Maximum number of destructive agents to execute. Range: 1-30. Higher values increase bug discovery chances.
--browser
string
default:"chromium"
Browser engine to use for destructive testing. Supports chromium, firefox, and webkit.

Output Options

--stream-results
boolean
default:"true"
Stream real-time results to the Bugster dashboard as agents complete their destruction attempts.
--no-stream-results
boolean
Disable streaming to dashboard. Results will only be available locally.
--base-url
string
Override the base URL from configuration. Essential for testing staging environments.
--verbose
boolean
Enable detailed logging of agent execution and attack patterns.
--silent
boolean
Run agents silently with minimal output. Reduces noise in automated environments.

Examples

Complete Destructive Testing

bugster destructive
Runs all available destructive agents on pages with recent changes.

Pre-release Validation

bugster destructive --limit 15 --parallel 5
Comprehensive destructive testing with maximum coverage before major releases.

Quick Vulnerability Scan

bugster destructive --limit 3 --headless
Fast security and stability check with minimal resource usage.

Staging Environment Testing

bugster destructive --base-url https://staging.myapp.com --limit 10
Test staging environment with comprehensive destructive scenarios.

CI/CD Integration

bugster destructive --headless --stream-results --silent
Automated destructive testing optimized for continuous integration pipelines.

Usage Patterns

Pre-release Testing

bugster destructive --limit 15
Comprehensive destructive testing before major releases.

Quick Security Check

bugster destructive --limit 3 --headless
Fast vulnerability and stability validation.

CI/CD Integration

bugster destructive --headless --stream-results
Automated testing in continuous integration pipelines.

Performance Testing

bugster destructive --parallel 8
Maximum concurrent destruction for stress testing.

Safety Guidelines

  • Never run against production environments
  • Use dedicated test databases and isolated environments
  • Ensure all data is disposable or properly backed up
  • Test on staging environments that mirror production
  • Agents may submit forms with test data
  • Potential for data deletion or corruption
  • May trigger irreversible actions
  • Always use test credentials and mock data
  • All destructive attempts are automatically recorded
  • Videos help understand what caused detected issues
  • Review recordings to learn about attack patterns
  • Use videos for security team analysis

Result Analysis

After execution, you’ll receive:
  • Vulnerability Reports: Detailed analysis of potential security issues
  • Edge Case Failures: Documentation of unexpected behavior patterns
  • Video Recordings: Visual evidence of successful attacks or crashes
  • Agent Logs: Detailed execution traces for debugging
  • Severity Ratings: Prioritized list of discovered issues

Best Practices

Run destructive agents after bugster update to test newly modified pages. Higher --limit values increase the chance of finding edge case bugs, and videos are automatically saved for any issues found.
Destructive testing is most effective as a final validation step before releases. Combine with regular testing for comprehensive coverage, and always review video recordings to understand root causes.
I