KissPeter / APIFuzzer

Fuzz test your application using your OpenAPI or Swagger API definition without coding
GNU General Public License v3.0
431 stars 71 forks source link
api-blueprint fuzz fuzzer openapi python3 swagger

Join the chat at https://gitter.im/API-Fuzzer/Lobby Test Coverage Codacy Badge Maintainability Pypi downloads CI

APIFuzzer — HTTP API Testing Framework

APIFuzzer reads your API description and step by step fuzzes the fields to validate if you application can cope with the fuzzed parameters. Does not require coding.

APIFuzzer main features

Supported API definition formats

Planned

Installation

With PIP

Pre-requirements

  1. Python3
  2. sudo apt install libcurl4-openssl-dev libssl-dev libcurl4-nss-dev (on Ubuntu 18.04, required by pycurl)
  3. sudo apt install gcc libcurl4-nss-dev (on Ubuntu 20.04, required by pycurl)

Latest version:

pip3 install APIFuzzer

Development version: Fetch the most recent code from GitHub

$ git clone https://github.com/KissPeter/APIFuzzer.git

Install requirements. If you don't have pip installed, then sudo apt-get install python3-pip -y

$ pip3 install -r APIFuzzer/requirements.txt

Using Docker

$ docker pull kisspeter/apifuzzer:latest

Quick Start

Check the help (some of them are not implemented yet):


$$ usage: APIFuzzer [-h] [-s SRC_FILE] [--src_url SRC_URL] [-r REPORT_DIR] [--level LEVEL] [-u ALTERNATE_URL] [-t TEST_RESULT_DST]
                 [--log {critical,fatal,error,warn,warning,info,debug,notset}] [--basic_output BASIC_OUTPUT] [--headers HEADERS] [-v ,--version]

APIFuzzer configuration

optional arguments:
  -h, --help            show this help message and exit
  -s SRC_FILE, --src_file SRC_FILE
                        API definition file path. JSON and YAML format is supported
  --src_url SRC_URL     API definition url. JSON and YAML format is supported
  -r REPORT_DIR, --report_dir REPORT_DIR
                        Directory where error reports will be saved. Default is temporally generated directory
  --level LEVEL         Test deepness: [1,2], the higher is the deeper (In progress)
  -u ALTERNATE_URL, --url ALTERNATE_URL
                        Use CLI defined url instead compile the url from the API definition. Useful for testing
  -t TEST_RESULT_DST, --test_report TEST_RESULT_DST
                        JUnit test result xml save path
  --log {critical,fatal,error,warn,warning,info,debug,notset}
                        Use different log level than the default WARNING
  --basic_output BASIC_OUTPUT
                        Use basic output for logging (useful if running in jenkins). Example --basic_output=True
  --headers HEADERS     Http request headers added to all request. Example: '[{"Authorization": "SuperSecret"}, {"Auth2": "asd"}]'

Usage examples:

Installed package

Start the sample application (install the necessary packages listed in test/requirements_for_test.txt):

$ python3 test/test_application.py

Start the fuzzer:

$ APIFuzzer -s test/test_api/openapi_v2.json -u http://127.0.0.1:5000/ -r /tmp/reports/ --log debug 

Check the reports:

$ ls -1 /tmp/reports/

Report example:

$ json_pp < /tmp/reports/79_1573993485.5391517.json
{
   "response" : "Test application exception: invalid literal for int() with base 10: '0\\x00\\x10'",
   "sub_reports" : [],
   "parsed_status_code" : 500,
   "state" : "COMPLETED",
   "test_number" : 79,
   "request_body" : null,
   "reason" : "failed",
   "name" : "target",
   "request_url" : "http://127.0.0.1:5000/exception/0\u0000\u0010",
   "request_method" : "GET",
   "status" : "failed",
   "request_headers" : "{\"User-Agent\": \"APIFuzzer\", \"Accept-Encoding\": \"gzip, deflate\", \"Accept\": \"*/*\", \"Connection\": \"keep-alive\"}"
}

Docker

Tested service runs on docker host

Notes

docker run --volume results:/results/ kisspeter/apifuzzer --src_url http://host.docker.internal:8000/openapi.json --url http://host.docker.internal:8000 --test_report /results/junit.xml --report /results/report/ ```

Tested service runs in other docker container

Notes

docker run --volume results:/results/ kisspeter/apifuzzer --net fastapi-performance-optimization_default kisspeter/apifuzzer --src_url http://fastapi-performance-optimization:8000/openapi.json -u http://fastapi-performance-optimization:8000 --test_report /results/junit.xml --report /results/report/```