November 14, 2019 · Adv. Pen-Testing Fuzzing

Fuzz - 1.0 - Fuzzing testing for basics


There are two types of testing methodology

Challenges of Testing

The main issue is verification
- Hard to define the right output
- Hard to manage the side effects
- Distinguish bugs from features

Discovering Vulnerabilities

Three primary methods

Not all bugs are vulnerabilities.
Only exploitable bugs are vulnerabilities.
So look for exploitable bugs.

What is fuzzing?

Testing process by sending specific data to app, and try to generate certain responses
Specific data includes

Its very effective since it can transit 1000x more test cases than manual testing.