Skip to content

Commit

Permalink
Update with latest fuzzers
Browse files Browse the repository at this point in the history
  • Loading branch information
@en-milie
en-milie committed Aug 26, 2024
1 parent 874855a commit 121603c
Show file tree
Hide file tree
Showing 10 changed files with 129 additions and 3 deletions.
4 changes: 3 additions & 1 deletion docs/fuzzers/field-fuzzers/index.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Field Fuzzers

CATS has currently 58 registered `Field` Fuzzers:
CATS has currently 60 registered `Field` Fuzzers:
- `AbugidasInStringFields` - iterate through each field and send values containing abugidas chars
- `DecimalFieldsLeftBoundaryFuzzer` - iterate through each Number field (either float or double) and send requests with outside the range values on the left side in the targeted field
- `DecimalFieldsRightBoundaryFuzzer` - iterate through each Number field (either float or double) and send requests with outside the range values on the right side in the targeted field
Expand Down Expand Up @@ -59,6 +59,8 @@ CATS has currently 58 registered `Field` Fuzzers:
- `WithinSingleCodePointEmojisInFieldsTrimValidateFuzzer` - iterate through each field and send values containing single code point emojis
- `WithinMultiCodePointEmojisInFieldsTrimValidateFuzzer` - iterate through each field and send values containing multi code point emojis
- `ZalgoTextInStringFieldsValidateSanitizeFuzzer` - iterate through each field and send values containing zalgo text
- `ZeroWidthCharsInNamesFields` - iterate through each field and insert zero-width characters in the field names
- `ZeroWidthCharsInValuesFields` - iterate through each field and send values containing zero-width characters

You can run only these Fuzzers by supplying the `--checkFields` argument.

Expand Down
20 changes: 20 additions & 0 deletions docs/fuzzers/field-fuzzers/zero-width-in-names.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
---
hide_table_of_contents: true
---

# Zero-Width Characters in Field Names

| Item | Description |
|:--------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **Full Fuzzer Name** | ZeroWidthCharsInNamesFieldsFuzzer |
| **Log Key** | **ZWCIN** |
| **Description** | This fuzzer will send zero-width characters in field names. The expectation is that APIs will reject the request as invalid. |
| **Enabled by default?** | Yes |
| **Target field types** | All |
| **Expected result when fuzzed field is required** | `4XX` |
| **Expected result when fuzzed field is optional** | `4XX` |
| **Expected result when fuzzed value is not matching field pattern** | `4XX` |
| **Fuzzing logic** | Iteratively **inserts** zero-width characters in field names |
| **Conditions when this fuzzer will be skipped** | None |
| **HTTP methods that will be skipped** | None |
| **Reporting** | Reports `error` if: *1.* response code is `404`; *2.* response code is documented, but not expected; *3.* any unexpected exception. <br/><br/> Reports `warn` if: *1.* response code is expected and documented, but not matches response schema; *2.* response code is expected, but not documented; *3.* response code is `501`. <br/><br/> Reports `success` if: *1.* response code is expected, documented and matches response schema. |
20 changes: 20 additions & 0 deletions docs/fuzzers/field-fuzzers/zero-width-values.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
---
hide_table_of_contents: true
---

# Zero-Width Characters in Field Values

| Item | Description |
|:--------------------------------------------------------------------|:--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| **Full Fuzzer Name** | ZeroWidthCharsInValuesFieldsFuzzer |
| **Log Key** | **ZWCIV** |
| **Description** | This fuzzer will send zero-width characters in field values. The expectation is that APIs will reject the request as invalid. |
| **Enabled by default?** | Yes |
| **Target field types** | All |
| **Expected result when fuzzed field is required** | `4XX` |
| **Expected result when fuzzed field is optional** | `4XX` |
| **Expected result when fuzzed value is not matching field pattern** | `4XX` |
| **Fuzzing logic** | Iteratively **inserts** zero-width characters in field values |
| **Conditions when this fuzzer will be skipped** | None |
| **HTTP methods that will be skipped** | None |
| **Reporting** | Reports `error` if: *1.* response code is `404`; *2.* response code is documented, but not expected; *3.* any unexpected exception. <br/><br/> Reports `warn` if: *1.* response code is expected and documented, but not matches response schema; *2.* response code is expected, but not documented; *3.* response code is `501`. <br/><br/> Reports `success` if: *1.* response code is expected, documented and matches response schema. |
4 changes: 3 additions & 1 deletion docs/fuzzers/header-fuzzers/index.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Header Fuzzers
CATS has currently 36 registered `Header` Fuzzers:
CATS has currently 38 registered `Header` Fuzzers:
- `AbugidasCharsInHeadersFuzzer` - iterate through each header and send requests with abugidas chars in the targeted header
- `CRLFHeaders` - iterate through each header and send CR & LF characters in the targeted header
- `CheckSecurityHeadersFuzzer` - check all responses for good practices around Security related headers like: [{name=Cache-Control, value=no-store}, {name=X-XSS-Protection, value=1; mode=block}, {name=X-Content-Type-Options, value=nosniff}, {name=X-Frame-Options, value=DENY}]
Expand Down Expand Up @@ -36,6 +36,8 @@ CATS has currently 36 registered `Header` Fuzzers:
- `VeryLargeStringsInHeadersFuzzer` - iterate through each header and send large values in the targeted header
- `VeryLargeUnicodeStringsInHeadersFuzzer` - iterate through each header and send large unicode values in the targeted header
- `ZalgoTextInHeadersFuzzer` - iterate through each header and send requests with zalgo text in the targeted header
- `ZeroWidthCharsInNamesHeaders` - injects zero-width characters in the header names
- `ZeroWidthCharsInValuesHeaders` - iterate through each header and send Zero-width characters in the targeted header

You can run only these Fuzzers by supplying the `--checkHeaders` argument.

Expand Down
Loading

0 comments on commit 121603c

Please sign in to comment.