Awesome
Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing
Architecture
Usage
package main
import (
restAPI "github.com/iasthc/hsuan-fuzz/pkg/rest-api"
)
func main() {
x, err := restAPI.New("OpenAPI.yaml", ".", true, true)
if err != nil {
panic(err)
}
x.Fuzz(true)
}
Paper
Bugs reported
- Spree, PR #10626
- Spree, Issue #10647
- Spree, Issue #10971
- Magento2, Issue #31551
- Magento2, Issue #32784
Credits
- Mutation strategy
- Examples of OpenAPI parameter