How to find HTTP requests to fuzz using Spring, OpenAPI or Web crawling
There are several methods that can be used to analyse your web app and find out what HTTP requests you can fuzz.
Spring / Spring-Boot
This method analyses Spring framework's functionality and will work out of the box if your application's controllers are written using Spring/Spring-Boot. It is recommended to use this method when possible.
Also called a Spider. This method simulates sending HTTP requests to the URLs/Paths that you specify. Then it reads links from the responses and sends requests to those links and so on. This will not discover functionality that is not reachable from the initial paths by links. Also it may not discover all possible parameters to the requests it finds. It is recommended to only use this method if the other ones cannot be used.
OpenAPI (formerly Swagger)
Make sure your API description has a valid syntax. For example, an online tool can be used.
Save the API in JSON or YAML format to a file inside your project directory. You will then be able to select it in the application analysis wizard:
If the file is not selectable there, you may need to initialize your project again. To do this, select the pen icon in the upper right corned, select Edit Project and complete the wizard again.
You should then be able to see your HTTP request templates.
You can analyse SOAP services by selecting the corresponding .wsdl file in the dropdown list. CI Fuzz will populate the list with all .wsdl files in your project's directory. If you add a new file and you don't see it on the list, you may need to initialize your project again (see above).