⛏️ Write a test to check whether we can create/update an object with negative price/amount/value

[aktoboy]

💭 Introduction: We want to test to check whether an attacker can create/update entity with an invalid price/amount/value.

🎯 Requirements:

1. Filters - This test should run on apis that has a query parameter or request-body parameter named price, amount, quantity or value.

2. Execute - It should replace the value with

• special characters
• A very long string (> 255 characters)
• Use whitespaces
• A negative integer
• A very long integer causing integer overflow
• Zero
• NULL

3. Validation - If the application responds with a exception trace, it is a vulnerability.

📚 Reading You can find a detailed documentation of test editor rules here Find 100+ examples of YAML tests here

✅ Task summary:

• [ ] Ask to be assigned to the issue.
• [ ] Wait to be assigned. We will try to assign in less than 2 hours.
• [ ] Signup for Akto
• [ ] Fork the tests-library repository, create a new branch and commit the yaml file which will be called in your test.
• [ ] Submit both the PR here.

✌🏻 Hints: You can build the yaml template by referring this link

🙋🏼‍♂️ Questions: If you have questions, need any help, or just want to hang out, make sure to join us on our Discord server.