
EPISODE · Jun 15, 2026 · 10 MIN

How API Fuzzing Exposes Hidden Security Flaws

from The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers · host Fexingo

Lucas and Luna dig into API fuzzing — why sending random garbage to your endpoints is one of the most effective ways to find vulnerabilities before attackers do. They walk through a real case: a fintech startup that fuzzed its payment API and discovered an integer overflow that would have let a bad actor charge negative amounts. They explain how property-based testing frameworks like QuickCheck and Rust's proptest apply fuzzing logic to API contracts, catching edge cases that human-written tests miss. The episode covers input generation strategies, stateful vs. stateless fuzzing, and why most teams don't fuzz until after a breach. If you build or maintain an API, this episode will change how you think about test coverage. #API #Fuzzing #Security #SoftwareTesting #PropertyBasedTesting #EdgeCases #Vulnerability #Fintech #Rust #QuickCheck #DevTools #Business #Technology #FexingoBusiness #BusinessPodcast #LucasAndLuna #TheDeveloperToolsPodcast #Episode52 Keep every episode free: buymeacoffee.com/fexingo



Frequently Asked Questions

How long is this episode of The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers?

This episode is 10 minutes long.

When was this The Developer Tools Podcast with Fexingo: APIs, Infrastructure, and Software for Engineers episode published?

This episode was published on June 15, 2026.
