Dochia Bringing Chaos with Love - Dochia automatically generates and executes negative and boundary testing so you can focus on creative problem-solving. Because nobody wants to debug why their "enterprise-grade" API can't handle a simple 🤷‍♀️ What is Dochia? Dochia automatically generates and executes negative and boundary testing so you can focus on creative problem-solving. It auto-generates malicious, weird, and edge-case inputs to hammer your endpoints. Instead of spending 40% of your time writing repetitive test cases and missing critical edge cases, let Dochia do the heavy lifting while you focus on building amazing features. It's like throwing a tantrum at your API, so your users don't have to. See it in action Features 🚀 Instant Setup : Point it at your OpenAPI spec and go : Point it at your OpenAPI spec and go 🧠 Smart Testing : 120+ playbooks create realistic, context-aware test cases : 120+ playbooks create realistic, context-aware test cases 🔍 Find Hidden Issues : Edge cases, invalid inputs, and boundary conditions : Edge cases, invalid inputs, and boundary conditions 📊 Clear Results : Actionable reports with specific fixes : Actionable reports with specific fixes 🔄 Replay Mode : Replay and investigate specific test scenarios : Replay and investigate specific test scenarios 📋 OpenAPI Native: Understands your API structure automatically About the Name Dochia comes from Romanian folklore - a legendary figure known for testing the limits of winter's harshness. Like its namesake, this tool rigorously tests your APIs to ensure they can withstand any conditions. Why Dochia? The Problem: Engineers spend 40% of time writing repetitive test cases Manual testing misses critical edge cases and boundary conditions Traditional automation mostly tests the "happy path" scenarios These missed edge cases become expensive production failures The Solution: Automatically discovers and tests thousands of input variations Finds the boundary conditions that would otherwise break production 80% less time on manual and automation negative testing 95% reduction in "how did that get through testing?" incidents More time for creative problem-solving Is Dochia free? Yes, the code in this repo is free and open source under the Apache 2.0 license, and Dochia as a product follows an open core model. A Pro version will be available soon that will contain additional features and support. Quick Start Installation Homebrew (macOS/Linux) brew install dochia-dev/tap/dochia-cli Curl (Linux/macOS) curl -sSL https://get.dochia.dev | sh Docker docker run --rm -v $( pwd ) :/workspace dochiadev/dochia-cli test -c /workspace/api.yaml -s http://localhost:8080 Manual Download # Download latest release for your platform wget https://github.com/dochia-dev/dochia-cli/releases/latest/dochia_platform_version.tar.gz -O dochia.tar.gz tar -xzf dochia.tar.gz chmod +x dochia sudo mv dochia /usr/local/bin/dochia rm dochia.tar.gz # Verify insallation dochia --version Basic Usage # Test your API using OpenAPI spec in blackbox mode i.e., checking only 500 status codes dochia test -c api.yaml -s http://locahost:8080 -b # Target specific endpoints dochia test -c api.yaml -s http://locahost:8080 -b --path " /api/users " # Pass in an authentication header from the API_KEY environment variable dochia test -c api.yaml -s http://locahost:8080 -b --path " /api/users " -H " Api-Key= $API_KEY " # Replay a specific test dochia replay Test120 How It Works 1. Reads Your OpenAPI Specs Dochia automatically parses your OpenAPI/Swagger specifications to understand your API structure, parameters, and expected data types. 2. Generates Smart Payloads Creates thousands of context-aware test cases including: Boundary value testing XSS payloads Buffer overflow tests Type confusion attacks Authentication bypasses 3. Finds Hidden Issues Discovers vulnerabilities and edge cases through: Predefined playbooks Intelligent payload mutation Response analysis Error pattern detection Documentation You can find the full documentation at https://docs.dochia.dev. Contributing We welcome contributions! Please see our Contributing Guide for details. Development Setup # Clone the repository git clone https://github.com/dochia-dev/dochia-cli.git cd dochia # Build with Maven ./mvnw clean compile # Run tests ./mvnw test # Build native binary with GraalVM ./mvnw clean package -Pnative # Run from JAR (development) java -jar target/dochia.jar test -c api.yaml -s http://localhost:8080 Prerequisites for Development Java 21+ : OpenJDK or Oracle JDK : OpenJDK or Oracle JDK GraalVM : For native binary compilation : For native binary compilation Maven: Build tool (wrapper included) Building Native Binary # Install GraalVM (if not already installed) sdk install java 22.3.r17-grl sdk use java 22.3.r17-grl # Build native executable ./mvnw clean package -Pnative # Binary will be created at target/dochia ./target/dochia-runner --version 📄 License This project is licensed under the Apache 2.0 License - see the LICENSE file for details. 🔗 Links Let machines do machine work, humans do human work.