Tool report: EvoMaster—black and white box search-based fuzzing for REST, GraphQL and RPC APIs

In this paper, we present the latest version 3.0.0 of EvoMaster , an open-source search-based fuzzer aimed at Web APIs. We discuss and present all its recent improvements, including advanced white-box heuristics, advanced search algorithms, support for databases and external services, as well as dea...

Full description

Saved in:
Bibliographic Details
Published in:Automated software engineering Vol. 32; no. 1; p. 4
Main Authors: Arcuri, Andrea, Zhang, Man, Seran, Susruthan, Galeotti, Juan Pablo, Golmohammadi, Amid, Duman, Onur, Aldasoro, Agustina, Ghianni, Hernan
Format: Journal Article
Language:English
Published: New York Springer US 01.06.2025
Springer Nature B.V
Subjects:
Algorithms
Application programming interface
Artificial Intelligence
Automation
Computer Science
Heuristic
Java
Programming languages
Search algorithms
Software engineering
Software Engineering/Programming and Operating Systems
Fuzzing
Web API
SBST
Tool
ISSN:0928-8910, 1573-7535, 1573-7535
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper, we present the latest version 3.0.0 of EvoMaster , an open-source search-based fuzzer aimed at Web APIs. We discuss and present all its recent improvements, including advanced white-box heuristics, advanced search algorithms, support for databases and external services, as well as dealing with GraphQL and RPC APIs besides the original use case for REST APIs. The tool’s installers have been downloaded more than 3000 times. EvoMaster is in daily use for fuzzing millions of lines of code in hundreds of APIs in large Fortune 500 companies, such as for example the e-commerce Meituan.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
content type line 23
ISSN:0928-8910
1573-7535
1573-7535
DOI:10.1007/s10515-024-00478-1