Application Analysis Methods

How to Find HTTP Requests to Fuzz Using Spring, OpenAPI

Application analysis runs automatically when a fuzz test is started.

There are two methods that can be used to analyze your web app and find out what HTTP requests you can fuzz.

Spring / Spring Boot

This method relies on the Spring framework's functionality and works out of the box if your application's controllers are written using Spring or Spring Boot. It is the default, requires no setup, and is recommended whenever possible.

OpenAPI (Formerly Swagger)

Make sure your API description has valid syntax, for example by checking it with an online tool.

Save the API description in JSON or YAML format to a file inside your project directory. Then set the path to it in the .code-intelligence/web_services.yaml file. Setting this will disable Spring Boot analysis.
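To check which HTTP requests an API description actually declares before relying on it for fuzzing, the following added example (not part of CI Fuzz or its analysis code) does a minimal structural check on an OpenAPI JSON document and lists each operation with its parameters and request body types. The sample description and the function names are constructed for illustration.

```python
import json

METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}
# Constructed sample API description (OpenAPI 3.0, JSON form).
SAMPLE_SPEC = json.loads("""{
  "openapi": "3.0.3",
  "info": {"title": "constructed sample", "version": "1.0"},
  "paths": {
    "/users/{id}": {
      "parameters": [{"name": "id", "in": "path", "required": true}],
      "get": {"responses": {"200": {"description": "ok"}}},
      "delete": {"parameters": [{"$ref": "#/components/parameters/Force"}],
                 "responses": {"204": {"description": "deleted"}}}},
    "/login": {
      "post": {"requestBody": {"content": {"application/json": {}}},
               "responses": {"200": {"description": "ok"}}}}},
  "components": {"parameters": {"Force": {"name": "force", "in": "query"}}}
}""")

def resolve(spec, node):
    """Follow a local '#/a/b' reference; return the node unchanged otherwise."""
    ref = node.get("$ref")
    if ref is None:
        return node
    if not ref.startswith("#/"):
        raise ValueError(f"only local references are handled: {ref}")
    for key in ref[2:].split("/"):
        spec = spec[key.replace("~1", "/").replace("~0", "~")]
    return spec

def list_operations(spec):
    """Return sorted (METHOD, path, [(location, name)], [body media types])."""
    if not ({"openapi", "swagger"} & spec.keys()) or not isinstance(spec.get("paths"), dict):
        raise ValueError("not an API description: need a version field and 'paths'")
    ops = []
    for path, item in spec["paths"].items():
        if not path.startswith("/"):
            raise ValueError(f"path must start with '/': {path}")
        shared = [resolve(spec, p) for p in item.get("parameters", [])]
        for method in METHODS & item.keys():
            own = [resolve(spec, p) for p in item[method].get("parameters", [])]
            # Path-level and operation-level parameters are merged by (in, name).
            params = {(p["in"], p["name"]) for p in shared + own}
            body = resolve(spec, item[method].get("requestBody", {})).get("content", {})
            ops.append((method.upper(), path, sorted(params), sorted(body)))
    return sorted(ops)

if __name__ == "__main__":
    print(*list_operations(SAMPLE_SPEC), sep="\n")
```

An operation you expect to fuzz that is missing from this list is missing from the description as well, so fix the description before the first fuzz run.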

After you run your fuzz test for the first time, you should be able to see the automatically created seed HTTP requests.
If you are using the local installation, they should be in a new directory under .code-intelligence and ~/.local/share/code-intelligence/projects/<your project>/corpora.

If you are using the CI Fuzz server, you can find them under the directory specified in the CIFUZZ_DATA_DIR configuration variable, usually /.local/share/cifuzz.

You can continue with Creating a Web Application Fuzz Test.