Skip to content

Lothiraldan/swagger-fuzzer

1 Branch0 Tags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

LothiraldanLothiraldan
Merge pull request #1 from cadesalaberry/patch-1
Oct 17, 2016
b0d2ab9 · Oct 17, 2016

History

15 Commits
docs
docs
May 21, 2016
swagger_fuzzer
swagger_fuzzer
May 23, 2016
tests
tests
May 21, 2016
.editorconfig
.editorconfig
May 21, 2016
.gitignore
.gitignore
May 21, 2016
AUTHORS.rst
AUTHORS.rst
May 21, 2016
CONTRIBUTING.rst
CONTRIBUTING.rst
May 21, 2016
HISTORY.rst
HISTORY.rst
May 21, 2016
LICENSE
LICENSE
May 21, 2016
MANIFEST.in
MANIFEST.in
May 21, 2016
Makefile
Makefile
May 21, 2016
README.rst
README.rst
Oct 17, 2016
requirements_dev.txt
requirements_dev.txt
May 22, 2016
setup.cfg
setup.cfg
May 21, 2016
setup.py
setup.py
May 22, 2016
tox.ini
tox.ini
May 21, 2016

Repository files navigation

Swagger Fuzzer

Swagger Fuzzer helps you do fuzzing testing on your Swagger APIs.

Usage

Install swagger-fuzzer via pip:

pip3 install https://github.com/Lothiraldan/swagger-fuzzer/archive/master.zip

Point it to your swagger specification:

swagger-fuzzer http://localhost:80/v2/swagger.json

If swagger-fuzzer find any problem, it will print you a report, for example:

Falsifying example: swagger_fuzzer(data=request(...))
Curl command: curl -i -X GET -d '' 'http://localhost/pet/findByStatus'
Traceback (most recent call last):
  File "/Users/lothiraldan/.virtualenvs/swagger-fuzzer/bin/swagger-fuzzer", line 9, in <module>
    load_entry_point('swagger-fuzzer', 'console_scripts', 'swagger-fuzzer')()
  File "/Users/lothiraldan/projects/swagger-fuzzer/swagger_fuzzer/swagger_fuzzer/swagger_fuzzer.py", line 34, in main
    do(args)
  File "/Users/lothiraldan/projects/swagger-fuzzer/swagger_fuzzer/swagger_fuzzer/swagger_fuzzer.py", line 79, in do
    swagger_fuzzer()
  File "/Users/lothiraldan/projects/swagger-fuzzer/swagger_fuzzer/swagger_fuzzer/swagger_fuzzer.py", line 68, in swagger_fuzzer
    @hsettings(max_examples=settings.iterations)
  File "/Users/lothiraldan/projects/swagger-fuzzer/hypothesis-python/src/hypothesis/core.py", line 541, in wrapped_test
    print_example=True, is_final=True
  File "/Users/lothiraldan/projects/swagger-fuzzer/hypothesis-python/src/hypothesis/executors.py", line 58, in default_new_style_executor
    return function(data)
  File "/Users/lothiraldan/projects/swagger-fuzzer/hypothesis-python/src/hypothesis/core.py", line 104, in run
    return test(*args, **kwargs)
  File "/Users/lothiraldan/projects/swagger-fuzzer/swagger_fuzzer/swagger_fuzzer/swagger_fuzzer.py", line 76, in swagger_fuzzer
    validator(SPEC, request, result, settings)
  File "/Users/lothiraldan/projects/swagger-fuzzer/swagger_fuzzer/swagger_fuzzer/validators.py", line 54, in valid_output_mime
    raise AssertionError("Response content-type {} is not declared: {}".format(response.headers['Content-Type'], valids))
AssertionError: Response content-type text/html; charset=ISO-8859-1 is not declared: []

Bugs hunted

Swagger-fuzzer really find bugs, here is a non-extensive list of bugs found with swagger-fuzzer:

Credits

This package was created with Cookiecutter and the audreyr/cookiecutter-pypackage project template.

This project was sponsored by my employer Sqreen and developed initially for our needs.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

25 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

Languages