Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing

Overview

Hsuan-Fuzz: REST API Fuzzing by Coverage Level Guided Blackbox Testing

Go Report Card Go Reference Release License

Architecture

Hsuan-Fuzz

Usage

package main

import (
    restAPI "github.com/iasthc/hsuan-fuzz/pkg/rest-api"
)

func main() {
    x, err := restAPI.New("OpenAPI.yaml", ".", true, true)
    if err != nil {
        panic(err)
    }
    x.Fuzz(true)
}

WIP ...

Credits

You might also like...
Test coverage in Go, the whole package

Test coverage in Go, the whole package

End-to-end HTTP and REST API testing for Go.

httpexpect Concise, declarative, and easy to use end-to-end HTTP and REST API testing for Go (golang). Basically, httpexpect is a set of chainable bui

siusiu (suite-suite harmonics) a suite used to manage the suite, designed to free penetration testing engineers from learning and using various security tools, reducing the time and effort spent by penetration testing engineers on installing tools, remembering how to use tools.
siusiu (suite-suite harmonics) a suite used to manage the suite, designed to free penetration testing engineers from learning and using various security tools, reducing the time and effort spent by penetration testing engineers on installing tools, remembering how to use tools.

siusiu (suite-suite harmonics) a suite used to manage the suite, designed to free penetration testing engineers from learning and using various security tools, reducing the time and effort spent by penetration testing engineers on installing tools, remembering how to use tools.

A yaml data-driven testing format together with golang testing library

Specimen Yaml-based data-driven testing Specimen is a yaml data format for data-driven testing. This enforces separation between feature being tested

Expressive end-to-end HTTP API testing made easy in Go

baloo Expressive and versatile end-to-end HTTP API testing made easy in Go (golang), built on top of gentleman HTTP client toolkit. Take a look to the

API testing framework inspired by frisby-js
API testing framework inspired by frisby-js

frisby REST API testing framework inspired by frisby-js, written in Go Proposals I'm starting to work on frisby again with the following ideas: Read s

Testing API Handler written in Golang.

Gofight API Handler Testing for Golang Web framework. Support Framework Http Handler Golang package http provides HTTP client and server implementatio

A Go library help testing your RESTful API application

RESTit A Go micro-framework to help writing RESTful API integration test Package RESTit provides helps to those who want to write an integration test

Markdown based document-driven RESTful API testing.
Markdown based document-driven RESTful API testing.

silk Markdown based document-driven web API testing. Write nice looking Markdown documentation (like this), and then run it using the silk command Sim

Comments
  • getkin version has renamed openapi3.Swagger to openapi3.T

    getkin version has renamed openapi3.Swagger to openapi3.T

    On install, there is an error:

    PS D:\APOD\apod-backend-api> go get github.com/iasthc/hsuan-fuzz/pkg/rest-api go: downloading github.com/iasthc/hsuan-fuzz v1.0.2 go: downloading github.com/valyala/fastjson v1.6.3 go: downloading github.com/getkin/kin-openapi v0.68.0 go: downloading github.com/ghodss/yaml v1.0.0

    github.com/iasthc/hsuan-fuzz/pkg/rest-api

    \go1.18beta2\pkg\mod\github.com\iasthc\[email protected]\pkg\rest-api\hsuanfuzz.go:94:15: undefined: openapi3.Swagger \go1.18beta2\pkg\mod\github.com\iasthc\[email protected]\pkg\rest-api\hsuanfuzz.go:94:15: undefined: openapi3.Swagger

    This indicates that the version of getkin is not fixed as a prerequisite, and this package has not kept up with its upstream changes.

    https://github.com/getkin/kin-openapi#v0610

    Renamed openapi3.Swagger to openapi3.T.

    bug enhancement 
    opened by twocs 1
Releases(v1.0.2)
Owner
Chung-Hsuan Tsai
@SQLab
Chung-Hsuan Tsai
A Comprehensive Coverage Testing System for The Go Programming Language

goc 中文页 | goc is a comprehensive coverage testing system for The Go Programming Language, especially for some complex scenarios, like system testing c

Qiniu Cloud 598 Nov 23, 2022
Coverage testing tool for The Go Programming Language

gocov Coverage reporting tool for The Go Programming Language Installation go get github.com/axw/gocov/gocov Usage There are currently four gocov comm

Andrew Wilkins 786 Nov 7, 2022
Fuzz Go defer/panic/recover

deferfuzz deferfuzz is a fuzzer for Go defer/panic/recover. Caveat: I wrote this in a couple hours, and I'm more of a compiler engineer than a fuzzer

Matthew Dempsky 26 Mar 3, 2022
A generic fuzzing and delta-debugging framework

Tavor Tavor (Sindarin for woodpecker) is a framework for easily implementing and using fuzzing and delta-debugging. Its EBNF-like notation allows you

Markus Zimmermann 240 Nov 21, 2022
This is just a repository to play around with Generics and Fuzzing, two big things coming with go 1.18!

This is just a repository to play around with Generics and Fuzzing, two big things coming with go 1.18!

Christopher Smith 0 Feb 6, 2022
Sample code for a quick demo of go 1.18's fuzzing

Fuzzing in Go 1.18 What is it? "Fuzzing is a type of automated testing which continuously manipulates inputs to a program to find bugs. Go fuzzing use

David Lanouette 0 Feb 11, 2022
Fuzzing concurrent Go programs

The code, analysis scripts and results for ASPLOS 2022 Artifact Evaluation Version: 1.2 Update: Jan 20, 2022 Paper: Who Goes First? Detecting Go Concu

null 113 Nov 9, 2022
The portal gates to coverage reports

Covergates - Portal Gates to Coverage Reports Purpose Covergates is to make the easiest way to setup a self-hosted coverage report service. It's an al

Covergates 53 Nov 17, 2022
go-carpet - show test coverage in terminal for Go source files

go-carpet - show test coverage for Go source files To view the test coverage in the terminal, just run go-carpet. It works outside of the GOPATH direc

Sergey Mudrik 231 Nov 3, 2022
Generate a test coverage badge like this one for your go projects.

coverage-badge-go ?? Generate a test coverage badge like this one for your go projects. Usage on: pull_request: branches: -

tj-actions 28 Nov 11, 2022