Skip to content

Commit

Permalink
switch CATS for Schemathesis
Browse files Browse the repository at this point in the history 
Co-authored-by: Sofia Edvardsson <[email protected]>
  • Loading branch information
@RafDevX @sofiaedv
RafDevX and sofiaedv committed Oct 11, 2024
1 parent 1b1462f commit 7038983
Showing 1 changed file with 9 additions and 10 deletions.
19 changes: 9 additions & 10 deletions contributions/executable-tutorial/rmfseo-sofiaedv/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## Title

REST API Fuzzing using CATS
REST API Fuzzing using Schemathesis

## Names and KTH ID

Expand All @@ -29,21 +29,20 @@ that in a systematic fashion.
Thus, we propose creating an executable tutorial that can pedagogically
introduce developers unacquainted with these techniques to a specific workflow
that they might use later in their professional lives. In particular, we wish to
introduce learners to the [CATS](https://endava.github.io/cats) tool (Contract
API Testing and Security), which allows for automated fuzzing of REST APIs based
on an OpenAPI contract document.
introduce learners to the [Schemathesis](https://schemathesis.io) tool, which
allows for automated fuzzing of REST APIs based on an OpenAPI contract document.

We will include a simple sample project with non-obvious logic errors, guide the
user to run CATS and explore the potential vulnerabilities it detects, as well
as show them how to use the information reported to easily fix or mitigate the
problems in question.
user to run Schemathesis and explore the potential vulnerabilities it detects,
as well as show them how to use the information reported to easily fix or
mitigate the problems in question.

**Relevance**

Automated fuzzing, especially in this particular context of REST APIs, is at the
heart of automated testing, which we have discussed in week 2 of this course and
is essential to allow for effective Continuous Integration without compromising
robustness. Our proposed tutorial hopes to demonstrate how to use a tool like
CATS as a key component in a testing pipeline to complement human-written and
human-driven tests to ensure all stakeholders have confidence in the system's
continuous reliability.
Schemathesis as a key component in a testing pipeline to complement
human-written and human-driven tests to ensure all stakeholders have confidence
in the system's continuous reliability.

0 comments on commit 7038983

Please sign in to comment.