Skip to main content

New Fields

Full Fuzzer NameNewFieldsFuzzer
Log KeyNFF
DescriptionThis fuzzer will inject a new field in a valid payload. If the request is for a method with body, the injection will happen within the json body, otherwise the injection will happen as an additional query param. The expectation is that APIs will reject the requests with json bodies in order to prevent injection of random data.
Enabled by default?Yes
Target field typesN/A
Expected result when fuzzed field is requiredN/A
Expected result when fuzzed field is optionalN/A
Expected result when fuzzed value is not matching field patternN/A
Fuzzing logicAdd a new field within the request body or query param. Expects 4XX for HTTP verbs with body (POST, PUT, PATCH) or 2XXfor HTTP verbs without body (GET, DELETE)
Conditions when this fuzzer will be skippedNone
HTTP methods that will be skippedNone
ReportingReports error if: 1. response code is 404; 2. response code is documented, but not expected; 3. any unexpected exception.

Reports warn if: 1. response code is expected and documented, but not matches response schema; 2. response code is expected, but not documented; 3. response code is 501.

Reports success if: 1. response code is expected, documented and matches response schema.