Menu

CI Fuzz 2.12 (Release Note)

April 9 2020

From now on we will provide you with an overview of the latest changes and features for CI Fuzz here on our blog. 

With the latest release note, CI Fuzz now gives developers more information about the found bugs (e.g. severity score). In addition, CI Fuzz displays useful information and best practices about the findings, so that bugs and security vulnerabilities can be fixed even faster and more effectively.

The most groundbreaking innovation that comes with version 2.12 is the complete integration of OWASP Zap into CI Fuzz. This makes it possible to use all advantages of OWASP Zap - together with the usability and white-box fuzzing approach of CI Fuzz.

# Version 2.12 (released April 09, 2020)

Features:

  • More details are provided for found errors: e.g., description, severity, and helpful links regarding the discovered crashes helping to address the finding and fix the issues.

  • Usage of OWASP ZAP in spring boot fuzzing combining the strength of modern fuzzing with the detection capabilities of ZAP.

  • Various Bug fixes and UI enhancements

With 2.11 we already released the following features:

# Version 2.11 (released March 13, 2020)

Features:

  • Spring Boot Fuzzing: Provide a UI for modifying the testing policy; an expert option that defines code exceptions that can be ignored during the testing process (e.g: Ignore an application error that is well known).

  • Java Fuzzing: Improve SQL injection detection by analyzing queries during the testing process

  • Java Fuzzing: Increase code coverage using smarter inputs

  • Various Bug fixes and UI enhancements

Learn More

Recent Posts

One Year of Fuzzing and Fixing Suricata

Autofuzz: Fuzzing Without Writing Fuzz Targets or Harnesses

Fuzzing 101 – The Basics (FAQ)

19 Bugs in Jsoup Found With Jazzer

Share Article

Subscribe to updates