Increasing Reliability of Programming Interfaces Based on Fuzz Testing

Over the last decade, there has been a significant growth in web applications for data processing and output, most of them working through the REST API to communicate with third-party applications. Tools for automatically testing web services through their REST API and verifying the reliability and security of these services are still in their infancy. The most sophisticated testing tools currently available for the REST API scan all API traffic in real-time and then analyze, modify, and reproduce it. Many of these tools were born as extensions of more established web site testing and crawling tools. As these REST API testing tools are all recent and not widely used, it is unknown at this time how effective they are in finding errors and how important they are for security. In this paper, using the latest researches in the field, several methods and approaches for fuzzing web interfaces are analyzed. Their comparative analysis of existing techniques allows to see the current state, performance, and appliance to real-world web application and widely used REST API architecture in general.