Implement fuzz testing

[arkid15r]

To improve the security and robustness of the OWASP Nest we should implement fuzz testing for critical parts of our backend API. Fuzz testing will help uncover unexpected edge cases, unhandled errors, and potential security vulnerabilities by automatically generating random and malformed inputs.

The primary focus should be on:

• REST API endpoints
• GraphQL API endpoints
• Slack event handlers

Tasks

• Research suitable approaches for implementing fuzz testing in Django and GraphQL.
• Implement fuzz testing for GraphQL API endpoints
• Implement fuzz testing for Slack event handlers
• Implement fuzz testing for REST API endpoints
• Extend a GitHub Action workflow to execute fuzz tests either on pull requests.

---

Acceptance Criteria

• Fuzz tests should run without causing the application to crash.
• Any unhandled exceptions or unexpected behavior should be captured and reported.
• Test coverage should include:
  • GraphQL queries and mutations
  • Slack event handlers
  • REST API endpoints
• Fuzz tests should be integrated into the CI/CD pipeline.

Are you going to work on implementing this?

• Yes
• No

[yashgoyal0110]

@arkid15r Can I work on this?

[ahmedxgouda]

Can I work on this?

[srinjoy933]

can i work on this ?,i have nothing assigned for now @arkid15r ,

[arkid15r]

Research suitable approaches for implementing fuzz testing

@ahmedxgouda let's discuss this before start working on the implementation