All notable changes to this project will be documented in this file.
- Make maximum test-case count confugurable
- Save only minimal failing test-case
- Print status code and message when resending result
- Add option to specify the results directory
- Add option to measure request & response time
- Save status of the requests alongside the times
- Make results and stats dir configurable
- Exit with failure if some test case failed
- Generate only valid headers
- Stop fuzzer if unable to send request
- Include instructions for building containers
- Added OpenAPI specification version to README.md
- State that --spec flag takes a file as an argument
- Rename payload to request
- Implement json array and object generation
- Implement arbitrary for JSON, headers, path and query parameters
- Implement fuzzer payload generation using arbitrary types
- Remove unused modules
- Remove unneeded clones by using
mem::take - Restructure cli and add resender subcommand
- Implement payload generation for one_of schema kind
- Implement payload generation for any_of schema kind
- Use prop_map_into instead of prop_map + into in json generation
- Implement payload generation for all_of schema kind
- Add test for generating only valid headers
- Update proptest version
- Update checkout action
- Use dtolnay action for rust
- Add test job
- Add Dockerfile
- Add jobs for building and publishing container images
- Add job to publish openapi-fuzzer to crates.io
- Add ci generated by cargo-dist
- Add changelog
- Update openapiv3 and openapi_utils dependencies
- Use native certificates
- Send cookies as headers
- Create payload for any schema kind
- Create payload also for oneOf, anyOf and allOf schema kinds
- Pretty print response if possible
- Make header comparison case insensitive
- Add findings section & update readme
- Fix links to gitea issues in README
- Add LICENSE
- Add metadata and installation option from crates.io
- Resolve references ($ref) to objects thanks to openapi_utils
- Fuzz cookies, headers, query & path parameters
- Fuzz remaining HTTP methods
- Prepare, send and check requests
- Add option to ignore status codes
- Save findings to files
- add finding formated as curl command
- Report all 500 status codes as findings if not ignored
- Generate unicode instead of alphanumeric values
- Add short option for ignored status codes
- Add option to specify additional headers (-H)
- Randomize the size of the payload for arbitrary
- Trim / from the the start of the path
- Implements simple statistics for the fuzzer
- Add TUI
- Make table rows scrollable
- Map Home & End keys to move to the first & last row respectively
- Color successful findings number in red
- Add resender binary to make it easier to replicate the finding
- Uppercase methods and set any status (ok on non 200 responses)
- Skip non-json bodies
- Add trailing slash to url if not present
- Add building instructions
- Add demo and usage guide to README
- Update ureq to allow responses without status text
- Restructure & split project
- Create payload module
- Generate valid unicode characters right away
- Move functions for generating json out of Payload impl
- Process all incomming events when rendering
- Process events before rendering
- Restructure result file