Lowercase Expanding Length in String Fields
| Item | Description |
|---|---|
| Full Fuzzer Name | LowercaseExpandingLengthInStringFieldsFuzzer |
| Log Key | LELISF |
| Description | This fuzzer send characters that expand their length when lower cased. The expectation is that APIs will either respond with 2xx or 4xx. |
| Enabled by default? | Yes |
| Target field types | All array fields |
| Expected result when fuzzed field is required | 2XX or 4XX |
| Expected result when fuzzed field is optional | 2XX or 4XX |
| Expected result when fuzzed value is not matching field pattern | 2XX or 4XX |
| Fuzzing logic | Iteratively replaces string fields with characters such as İ |
| Conditions when this fuzzer will be skipped | When field is not a string |
| HTTP methods that will be skipped | None |
| Reporting | Reports error if: 1. response code is 5xx; Reports warn if: 1. response code is expected and documented, but not matches response schema; 2. response code is expected, but not documented; 3. response code is 501. Reports success if: 1. response code is expected, documented and matches response schema. |