WuppieFuzz

WuppieFuzz v1.2.0

WuppieFuzz, developed by TNO, is a coverage-guided REST API fuzzer built on top of LibAFL. It targets a broad audience with a focus on ease-of-use, explainability of flaws, and modularity. It supports black box, grey box, and white box testing.

Key features:

• Coverage-Guided Fuzzing: Leverages LibAFL for efficient path exploration.
• REST API Fuzzing: Specifically designed for REST APIs, using OpenAPI specifications.
• Ease of Use: Focuses on simple setup and operation.
• Explainability: Aims to provide clear explanations of discovered vulnerabilities.
• Modularity: Designed with a modular architecture for customization and extension.
• Multiple Testing Settings: Supports black box, grey box, and white box testing approaches.

Use cases:

• Validating publicly exposed interfaces.
• Discovering vulnerabilities in REST APIs.
• Improving the security of web services.
• Automated security testing in CI/CD pipelines.