WuppieFuzz v1.2.0
WuppieFuzz, developed by TNO, is a coverage-guided REST API fuzzer built on top of LibAFL. It targets a broad audience with a focus on ease-of-use, explainability of flaws, and modularity. It supports black box, grey box, and white box testing.
Key features:
- Coverage-Guided Fuzzing: Leverages LibAFL for efficient path exploration.
- REST API Fuzzing: Specifically designed for REST APIs, using OpenAPI specifications.
- Ease of Use: Focuses on simple setup and operation.
- Explainability: Aims to provide clear explanations of discovered vulnerabilities.
- Modularity: Designed with a modular architecture for customization and extension.
- Multiple Testing Settings: Supports black box, grey box, and white box testing approaches.
Use cases:
- Validating publicly exposed interfaces.
- Discovering vulnerabilities in REST APIs.
- Improving the security of web services.
- Automated security testing in CI/CD pipelines.
