Fuzzing

Tags: security

Is a highly effective, largely automated, security testing [see page 36, technique] that generates random inputs and sees if an application crashes.

Originally fuzzing generated very long inputs and checks if a segfault is triggered (due to buffer overflow), however it's been extended to the domain of automated input generation and result assertion.

TODO: See [see page 38, ideas], [see page 39, pros & cons], [see page 40, fuzzing tools].

Links to this note

Security Attack