Fuzzing Java Applications
Automated security testing for Java applications helps developers secure their web services and APIs.
Java is one of the most used programming languages in the industry. It is employed for a wide spectrum of applications ranging from GUIs and databases to server, web, and mobile applications and IoT software. These applications need to be particularly reliable and secure. In this context, automated security testing is becoming more and more popular among developers, because it is currently the most effective approach for functional and stability testing and it helps to uncover critical bugs, like SQL-Injections, or XSS-Bugs.
It’s a popular misconception that memory-safe languages are secure by nature. Find out why this is wrong.
Read full article: Memory-Safe Fuzzing: Why Fuzz Testing Can Do More Than C/C++
Modern fuzzing approaches can help developers increase their code coverage and secure their Java applications.
Read full article: Bringing Modern Fuzzing to Java
Feedback-based fuzzing enables you to find many of the OWASP top 10 most common vulnerabilities.
Read full article: 10 Most Common Vulnerabilities CI Fuzz Finds in Java Web Applications
Find out how you can easily build fuzz targets for your Java applications.
Read full article: How to Write Fuzz Targets
With Jazzer, the open source fuzzing engine for JVM-based languages, developers can increase their test coverage to find edge cases, and avoid software bugs more effectively.
Read full article: Fuzz Testing for JVM Is Now Open Source
"I knew a custom fuzzer I wrote way back was not particularly good, but I was still surprised when CI's fuzzer turned up a bunch of bugs that mine never caught. I was impressed with how well versed the CI folk are in identifying properties to check, and how on point the reports were."
In this webinar, Simon Resch will demonstrate a novel approach that allows you to simplify and automate your web application testing using modern fuzzing techniques.
In this webinar, our CTO Khaled Yakdan will show you how to use feedback-based fuzzing to find vulnerabilities in the backend of your web application. Learn to efficiently detect security vulnerabilities and bugs.
Learn how to detect web vulnerabilities (e.g. SQL injections) with modern fuzzing approaches in OWASP's Web Goat project. We talk about the security challenges of the Java framework Spring Boot.