Fuzzowski Example: Stateful fuzzer for Mock HTTP Server

by gryphus
GNU/Linux ◆ xterm-256color ◆ zsh 1426 views

This example shows the use of a stateful fuzzer to test a mock http server. For this example the test fuzzer below was used:

https://github.com/nccgroup/fuzzowski/blob/master/tests/mock_http_server/mock_http_fuzzer.py

Declaring responses after a request with s_response() it is possible to obtain the “token” JSON parameter which is sent by the server in the first response, and use it with s_variable() to set it in the second request. This is an easy way to create stateful fuzzers that require some information from the server.