Support / add proxy-server input mode to fuzz / run checks on live traffic #4953

Open
tarunKoyalwar opened this issue Mar 28, 2024 · 1 comment
Labels
Type: Enhancement Most issues will probably ask for additions or changes.

Comments

@tarunKoyalwar
Member

Please describe your feature request:

Describe the use case of this feature:

  • This will eliminate format-specific dependencies and edge-case handling like we do in OpenAPI schema, etc.

Known Issues

  • Fuzzing live traffic actively might not be as helpful since it has its own set of challenges, like unresponsiveness in the browser, rate limits hit due to sending a large number of requests, etc.
@tarunKoyalwar tarunKoyalwar added the Type: Enhancement Most issues will probably ask for additions or changes. label Mar 28, 2024
@Mzack9999
Member

I think it's way more functional than blind DAST fuzzing as, for example, it allows specific authorization checks like https://github.com/PortSwigger/autorize, which are the most difficult to catch and generally the most impactful ones.
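
The kind of authorization check mentioned in the comment above, as an added example (not part of the thread, and not nuclei or Autorize code): a request captured from a privileged session is replayed with a lower-privileged cookie and the two responses are compared. `Captured`, `Classify`, `demoTarget`, the paths and the cookie values are all constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Captured is one proxied request plus the response the privileged session received.
type Captured struct {
	Method, Path, OrigBody string
	OrigStatus             int
}

// Classify replays c with a lower-privileged session cookie and compares the result
// with the original response (in-process via httptest; a proxy would resend over the network).
func Classify(h http.Handler, c Captured, lowPriv string) string {
	req := httptest.NewRequest(c.Method, c.Path, nil)
	req.AddCookie(&http.Cookie{Name: "session", Value: lowPriv})
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req)
	switch {
	case rec.Code == c.OrigStatus && rec.Body.String() == c.OrigBody:
		return "bypassed" // identical answer for a session that should not get it
	case rec.Code == http.StatusUnauthorized || rec.Code == http.StatusForbidden:
		return "enforced"
	}
	return "review" // differs, but is not a clear denial: needs a human look
}

// demoTarget is a constructed app: /admin/users checks the session, other paths do not.
var demoTarget = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
	ck, err := r.Cookie("session")
	if r.URL.Path == "/admin/users" && (err != nil || ck.Value != "admin-token") {
		http.Error(w, "forbidden", http.StatusForbidden)
		return
	}
	fmt.Fprint(w, "rows for "+r.URL.Path)
})

func main() {
	for _, p := range []string{"/admin/users", "/admin/export"} {
		// Constructed capture: what the admin session saw for this path.
		c := Captured{Method: "GET", Path: p, OrigBody: "rows for " + p, OrigStatus: 200}
		fmt.Println(p, Classify(demoTarget, c, "user-token"))
	}
}
```

A blind fuzzer has no privileged baseline response to compare against, which is why this check depends on captured traffic.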


2 participants