Setting up Fuzzing for Spring Boot Applications is even easier than fuzzing C++ or Plain Java Code. First you have to start the CI-Daemon. Open a new terminal and start it with
$ ci-daemon. In this tutorial we are going to use WebGoat. WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons. It is a demonstration of common server-side application flaws.
Download it via git:
$ git clone https://github.com/WebGoat/WebGoat.git