🚀 Welcome to Dochia
Automatically generate and execute negative and boundary testing so you can focus on creative problem-solving.
Dochia is a powerful CLI tool that transforms your OpenAPI specifications into comprehensive test suites, using 100+ test playbooks to uncover edge cases and vulnerabilities in your APIs.
888 888 d8b
888 888 Y8P
888 888
.d88888 .d88b. .d8888b 88888b. 888 8888b.
d88" 888 d88""88b d88P" 888 "88b 888 "88b
888 888 888 888 888 888 888 888 .d888888
Y88b 888 Y88..88P Y88b. 888 888 888 888 888
"Y88888 "Y88P" "Y8888P 888 888 888 "Y888888
Bringing Chaos with Love!
✨ Key Features
- 🎯 Automated Test Generation: Generate comprehensive negative and boundary tests from OpenAPI specs
- 🔍 100+ Fuzzing Playbooks: Built-in playbooks for body, fields, headers, stateful testing, and more
- ⚡ Native Performance: Java-compiled native binary for lightning-fast execution and zero dependencies
- 🔐 Authentication Support: Built-in support for various authentication methods
- 📊 Detailed Reporting: Comprehensive test results and error analysis
- 🔄 Replay & Analysis: Replay previous test runs and analyze results
- 🎲 Random Fuzzing: Continuous fuzzing with random mutators
🚀 Quick Start
Get started with Dochia in under 2 minutes:
1. Install via Homebrew
brew install dochia-dev/tap/dochia-cli
2. Run Your First Test
dochia test -c openapi.yml -s http://localhost:8080 -b
3. View Results
Dochia will automatically generate and execute tests, providing detailed reports on any issues found. Reports can be found in the ./dochia-report directory.
💡 Common Use Cases
🔍 Comprehensive API Testing
# Run all 100+ playbooks against your API and report only 5XX errors
dochia test -c openapi.yml -s https://api.example.com -b
🔐 Security & Vulnerability Testing
# Test with authentication and focus on security
dochia test -c api-spec.yml -s https://api.example.com \
--header "Authorization=Bearer $TOKEN" \
--playbooks "BypassAuthentication,CheckSecurityHeaders,MalformedJson,RandomDummyInvalidJsonBody"
🎲 Continuous Fuzzing
# Run continuous fuzzing for 30 minutes to discover edge cases
dochia fuzz -c openapi.yml -s https://api.example.com \
--path /api/users --http-method POST \
--stop-after-time-in-sec 1800 \
--match-response-codes 500
🚀 CI/CD Pipeline Integration
# Production-safe testing with rate limiting
dochia test -c openapi.yml -s $STAGING_URL -b \
--max-requests-per-minute 100 \
--output ./test-results
🎯 Targeted Endpoint Testing
# Test specific paths and methods
dochia test -c openapi.yml -s http://localhost:8080 \
--path "/api/users,/api/orders" \
--http-method "POST,PUT" -b
📊 Performance & Load Testing
# Test API performance under load
dochia test -c openapi.yml -s https://api.example.com \
--max-requests-per-minute 1000 \
--execution-stats -b
🎯 What Makes Dochia Different?
| Feature | Traditional Testing | Dochia |
|---|---|---|
| Test Creation | Manual, time-consuming | Automatic from OpenAPI specs |
| Coverage | Limited by human creativity | 100+ systematic playbooks |
| Edge Cases | Often missed | Comprehensive boundary testing |
| Maintenance | High overhead | Self-updating with spec changes |
| Speed | Slow manual execution | Native binary performance |
📚 Next Steps
🏁 Getting Started
New to Dochia? Start here to learn the basics and run your first test.
Get Started📖 CLI Reference
Comprehensive documentation of all Dochia commands and options.
View Commands🎯 Playbooks
Learn about the 100+ fuzzing playbooks that power Dochia's testing engine.
Explore Playbooks💡 Examples
Real-world examples and use cases to help you get the most out of Dochia.
See Examples🆘 Need Help?
- 📖 Check our User Guide for detailed documentation
- 🐛 Found a bug? Visit our Troubleshooting guide
- 💬 Join our Community for support and discussions
- ❓ Browse FAQ for common questions
Ready to bring chaos with love to your API testing? 🚀