RESTest: Automated Black-Box Testing of RESTful Web APIs
Fri 16 Jul 2021 01:05 - 01:40 at ISSTA Demos - ISSTA Tool Demos (Live Discussion) 2 Chair(s): August Shi
Testing RESTful APIs thoroughly is critical due to their key role in software integration. Existing tools for the automated generation of test cases in this domain have shown great promise, but their applicability is limited as they mostly rely on random inputs, i.e., fuzzing. In this paper, we present RESTest, an open source black-box testing framework for RESTful web APIs. Based on the API specification, RESTest supports the generation of test cases using different testing techniques such as fuzzing and constraint-based testing, among others. RESTest is developed as a framework and can be easily extended with new test case generators and test writers for different programming languages. We evaluate the tool in two scenarios: offline and online testing. In the former, we show how RESTest can efficiently generate realistic test cases (test inputs and test oracles) that uncover bugs in real-world APIs. In the latter, we show RESTest’s capabilities as a continuous testing and monitoring framework. Demo video: https://youtu.be/1f_tjdkaCKo.
Thu 15 JulDisplayed time zone: Brussels, Copenhagen, Madrid, Paris change
18:05 - 18:40 | ISSTA Tool Demos (Live Discussion) 1Tool Demonstrations at ISSTA Demos Chair(s): Michael Pradel University of Stuttgart | ||
18:05 35mLive Q&A | RESTest: Automated Black-Box Testing of RESTful Web APIs Tool Demonstrations Alberto Martin-Lopez Universidad de Sevilla, Sergio Segura Universidad de Sevilla, Antonio Ruiz-Cortés University of Seville | ||
18:05 35mLive Q&A | C4: the C Compiler Concurrency Checker Tool Demonstrations Matt Windsor University of York, Alastair F. Donaldson Imperial College London, John Wickerson Imperial College London | ||
18:05 35mLive Q&A | echidna-parade: A Tool for Diverse Multicore Smart Contract Fuzzing Tool Demonstrations | ||
18:05 35mLive Q&A | SCStudio: A Secure and Efficient Integrated Development Environment for Smart Contracts Tool Demonstrations Meng Ren Tsinghua University, Fuchen Ma Tsinghua University, Zijing Yin Tsinghua University, Huizhong Li WeBank, Ying Fu Ant Group, Ting Chen University of Electronic Science and Technology of China, Yu Jiang Tsinghua University | ||
18:05 35mLive Q&A | ProFuzzBench: A Benchmark for Stateful Protocol Fuzzing Tool Demonstrations | ||
Fri 16 JulDisplayed time zone: Brussels, Copenhagen, Madrid, Paris change
01:05 - 01:40 | ISSTA Tool Demos (Live Discussion) 2Tool Demonstrations at ISSTA Demos Chair(s): August Shi University of Texas at Austin | ||
01:05 35mLive Q&A | MOSCAN: A Model-based Vulnerability Scanner for Web Single Sign-on Services Tool Demonstrations Hanlin Wei The University of Queensland, Behnaz Hassanshahi Oracle Labs, Australia, Guangdong Bai University of Queensland, Paddy Krishnan Oracle Labs, Australia, Kostyantyn Vorobyov Oracle Labs, Australia | ||
01:05 35mLive Q&A | TauMed: Test Augmentation of Deep Learning in Medical Diagnosis Tool Demonstrations Yunhan Hou Nanjing University, Jiawei Liu Nanjing University, Daiwei Wang Nanjing University, Jiawei He Nanjing University, Chunrong Fang Nanjing University, Zhenyu Chen Nanjing University | ||
01:05 35mLive Q&A | RESTest: Automated Black-Box Testing of RESTful Web APIs Tool Demonstrations Alberto Martin-Lopez Universidad de Sevilla, Sergio Segura Universidad de Sevilla, Antonio Ruiz-Cortés University of Seville | ||