I've followed similar approach for building a REST API fuzzer for the past 3 years: https://github.com/Endava/cats. Fuzz testing is still not widely adopted considering the obvious benefits and usually minimum setup time. Even if it's java, getting it to native code was a must, so I had to rewrite it from spring to quarkus to get native image compilation out of the box. And focus on the performance bit to be able to run large number of mutation even for large json payloads. Quite a journey.

Nice tool! Will check it out. I have used jdam in the past to fuzz JSON: https://gitlab.com/michenriksen/jdam

Thanks for the link. I'm always looking for ways to extend and enrich it, so it's good to discover similar tools.

Looks cool! Just a heads up: a couple of the demo links in the main README lead to 404s.

Thanks.I'll check all links.

Link to the next page is broken, it doesn't add the /fuzzing/ prefix. Cool series nonetheless!

It is just for me or it is really funny that he writes about fuzzing in his blog and his name is "Michal Melewski"? It is almost "Michał Zalewski"!

All the polish hackers are named Michał and have also worked together. I know Melewski and Zalewski have in the past!