Fuzz testing
As software engineers, we worry , not when things go as expected, but when unexpected things happen. One way to deal with the unexpected is fuzzing. Fuzzing (or fuzz testing) is a testing technique that generates invalid, unexpected, or random data on programs that require input.
Fuzz testing is good at discovering security and vulnerability issues with codeāmanual testing is not always ideal as those tests may not account for all potential untrusted inputs, specifically invalid inputs that may break a system. However, fuzz testing cannot replace unit testing. This means that fuzz testing is not a panacea and cannot replace all other testing techniques. So, fuzz testing is more suitable for testing code that parses input, which includes cases such as buffer overflow and SQL injection.
The main advantages of fuzzing include the following:
- You can make sure that the code can handle invalid or random input.
- Bugs that are discovered with fuzzing...