What is fuzz testing and what kinds of bugs does it find?

Hello! Can you please explain what’s fuzzing and what kinds of bugs does it find.

Hello, and welcome to the Mayhem Hacking Community!

Fuzzing is a software testing technique focused on generating “negative inputs”, or inputs that result in some undesired or undefined behavior. In its most basic form, fuzzing is a method of automatically sampling and testing an application or program input space in order to elicit and discover new behaviors, regardless of whether or not these behaviors result in a crash. You can think of this a lot like determining paths in a maze. There may be many paths that lead to the end of the maze, paths that lead to a “bad end”, or paths that go nowhere at all. Fuzzing attempts to find and catalog all of these paths, determine redundant paths, and discover new ones. Thus, we attempt to find all of the paths in a particular program or application, and triage those that result in undesirable behavior in order to remedy it before it gets pushed to production.

Fuzzing can find many types of issues, including memory corruption, program hangs, crashes and other types of denial-of-service, as well as more critical issues that can lead to things like remote code execution and sensitive information leaks. It’s also a great way to uncover zero-day vulnerabilities!

1 Like