Fuzz testing


Fuzzing, also called robustness testing or negative testing, is a special technique for software testing. Tools automatically generate random data, which is then fed to the program through one of its input interfaces (e.g. by opening a file whose data format the program supports). The random data simulates later use in which not only "normal" data has to be processed, as many, often inexperienced, programmers assume.

Fuzzing (fuzz testing, named after the English word for blurred or blurry) was developed at the University of Wisconsin-Madison in 1989 by Professor Barton Miller and his students.


Fuzzing is performed in software development projects, usually as part of black-box testing, to test new software for its susceptibility to errors and to detect any security gaps. This type of test is now also sometimes performed during penetration tests in the IT security field, although such tests are rare because system crashes are to be expected.

When certain data supplied to the program causes a problem (e.g. a crash), the exact cause can then be investigated by means of white-box testing.

Fuzz testing offers good value for money, which is why it is often used in the test phase. Once a basis (tools, rules, procedures) for fuzzing exists, existing fuzz tests (rules / sets) can be extended very quickly and easily during development.

Fuzzing is a reliable method for software quality assurance, especially for uncovering as yet unknown vulnerabilities and robustness problems.

Fuzzing tools

Tools designed specifically for the project are often needed and are therefore often built or programmed specially for the fuzzing. There is now also proven commercial software, in contrast to so-called "frameworks". For web applications, existing tools can often be used, because the process, viewed abstractly, is always the same and there is a common interface (HTTP / HTML). In principle, however, fuzzing tools can test anything that has a standardized interface and can respond to a protocol.

This is where fuzzing tools come in. There are now good tools for fuzzing browsers and other software. With these tools, software such as web browsers can generally be driven with previously generated invalid data strings / files in order to provoke unusual program behavior (such as crashes, denial of service, degradation of service), which is logged if necessary and evaluated later.
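The procedure described above, as an added example that is not part of the original article: a small mutation fuzzer in Python run against a constructed parser (parse_record, its record format and the seed input are hypothetical). It feeds anomalized inputs to the target, logs each distinct unexpected exception together with the first input that triggered it, and keeps those inputs for later evaluation.

```python
import random
import struct
import traceback

# Constructed seed: magic "FZ", 1-byte name length, name, 4-byte big-endian value.
SEED = b"FZ" + bytes([4]) + b"test" + struct.pack(">I", 42)

def parse_record(data: bytes) -> dict:
    """Hypothetical target. Contract: reject bad input with ValueError only."""
    if data[:2] != b"FZ":
        raise ValueError("bad magic")
    name_len = data[2]                    # defect: no check that the byte exists
    name = data[3:3 + name_len]
    (value,) = struct.unpack_from(">I", data, 3 + name_len)  # defect: trusts name_len
    return {"name": name.decode("ascii"), "value": value}

def mutate(seed: bytes, rng: random.Random) -> bytes:
    """Apply one random anomaly to a valid input."""
    buf = bytearray(seed)
    kind = rng.randrange(3)
    if kind == 0:                         # flip a single bit
        buf[rng.randrange(len(buf))] ^= 1 << rng.randrange(8)
    elif kind == 1:                       # overwrite a byte with a boundary value
        buf[rng.randrange(len(buf))] = rng.choice([0x00, 0x7F, 0x80, 0xFF])
    else:                                 # truncate at a random offset
        del buf[rng.randrange(len(buf) + 1):]
    return bytes(buf)

def fuzz(target, seed: bytes, iterations: int = 2000, rng_seed: int = 1) -> dict:
    """Return {(exception name, line number): first input that triggered it}."""
    rng = random.Random(rng_seed)         # fixed seed so every run is reproducible
    findings = {}
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            target(case)
        except ValueError:
            continue                      # clean rejection: the documented behaviour
        except Exception as exc:          # anything else is a robustness defect
            line = traceback.extract_tb(exc.__traceback__)[-1].lineno
            findings.setdefault((type(exc).__name__, line), case)
    return findings

if __name__ == "__main__":
    for (name, line), case in sorted(fuzz(parse_record, SEED).items()):
        print(f"{name} at line {line}: reproducer {case!r}")
```

Grouping findings by exception type and line number keeps the log short enough to evaluate by hand, and each stored input reproduces its failure when passed to the target again.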

The Security Programmers Group of the University of Oulu in Finland has particularly distinguished itself in the field of fuzzing. As early as 1996 it developed a well-known open source fuzzing tool called PROTOS, but PROTOS has been deprecated since 2004. PROTOS is a fuzzer that works with older techniques.

Today, in the commercial environment, fuzzers are being developed to be more and more "intelligent" or "stateful": they first check the interoperability of the system under test and then, on the basis of those results, send the fuzzing test set (anomalized data packets) to the target system.

Well-known open source frameworks include Sulley and Peach. These frameworks are very complex and require extensive knowledge of fuzzing and protocols. Other tools, such as Fuzzino, provide a test data generator for fuzzing, are lightweight and are therefore easy to integrate into existing test tools or an existing test process. Commercial, smart fuzzing tools include beSTORM from BeyondSecurity and Defensics from Codenomicon. Codenomicon's Defensics works with predefined so-called "test cases". BeyondSecurity's beSTORM fuzzer, by contrast, exercises each field in a protocol with n × n anomalies rather than with test cases.

The Federal Ministry of Education and Research (BMBF) funded an extensive research project at the University of Bonn-Rhein-Sieg, in which over 100 tools for threat modeling and fuzzing were tested and evaluated for their suitability for software testing.