SAP

Beginners
SAP ABAP
SAP HR
SAP FICO
SAP Basis
SAP SD
SAP CRM
SAP MM
SAP CO
SAP Payroll
SAP BI/BW
SAP PP
SAP QM
SAP HANA

Web

Java
SQL
PL/SQL
VBScript
Python
Perl
Linux
Javascript
Apache
PHP
AngularJS
Node.js
JSP
SQLite
Web Services
C#
ASP.Net

Must Learn!

Excel
Ethical Hacking
Digital Marketing
Project Management
Accounting
Business Analyst
Cloud Computing
Informatica
MIS
VBA
CCNA
PMP
Photoshop

Big Data

BigData
MongoDB
Cassandra
HBase
Hive
AWS

Testing

Soap UI
Jmeter
ETL Testing
SAP Testing
Database Testing
LoadRunner
Management
Cucumber
JUnit
BugZilla
Mantis

Live Project

Live Testing Project
Live Selenium Project
Live Mobile Testing
Live Security Testing
Live UFT/QTP
Live Testing 2
Live Selenium 2
Live Agile Testing
Live HP ALM
Live PHP Project

Fuzz Testing Tutorial: Fuzzing Strategy & Tools

Details

What is Fuzz Testing?

Fuzz Testing is a type of testing where automated or semi-automated testing techniques are used to discover coding errors and security loopholes in software, operating systems, or networks by inputting invalid or random data called FUZZ to the system. After which the system is monitored for various exceptions, such as crashing down of the system or failing built-in code, etc.

Fuzz testing was originally developed by Barton Miller at the University of Wisconsin in 1989. Fuzz testing or fuzzing is a Software testing technique, and it is a type of Security Testing.

Fuzz Testing Tutorial: Fuzzing Strategy & Tools

Why to do Fuzz Testing?

  • Usually, Fuzz testing finds the most serious security fault or defect.
  • Fuzz testing gives more effective result when used with black box testing, beta testing, and other debugging methods.
  • Fuzz testing is used to check the Vulnerability of software. It is very cost effective testing techniques.
  • Fuzz testing is one of the black box testing technique. Fuzzing is one of the most common method hackers used to find vulnerability of the system.

Fuzz Testing Strategy

The steps for fuzz testing include the basic testing steps-

Step 1) Identify the target system

Step 2) Identify inputs

Step 3) Generate Fuzzed data

Step 4) Execute the test using fuzz data

Step 5) Monitor system behavior

Step 6) Log defects

Testing strategy for fuzz testing

  • Mutation-Based Fuzzers alter existing data samples to create new test data. This is very simple and straight forward approach, this starts with valid samples of protocol and keep mangling every byte or file.

  • Generation-Based Fuzzers define new data based on the input of the model. It starts generating input from the scratch based on the specification.

  • PROTOCOL-BASED-FUZZER, the most successful fuzzer is to have detailed knowledge of protocol format being tested. The understanding depends on the specification. It involves writing an array of the specification into the tool then by using model-based test generation technique go through the specification and add irregularity in the data contents, sequence, etc. This is also known as syntax testing, grammar testing, robustness testing, etc. Fuzzer can generate test cases from existing one, or they can use valid or invalid inputs.

There are two limitations of protocol-based fuzzing:

  1. Testing cannot proceed until the specification is mature.
  2. Many useful protocols are an extension of published protocols. If fuzz testing is based on published specifications, test coverage for new protocols will be limited.
  • The simplest form of fuzzing technique is sending random input to the software either as protocol packets or as an event. This technique of passing random input is very powerful to find bugs in many applications and services.
  • Other techniques are also available, and it is very easy to implement. To implement these techniques we just need to change the existing inputs. We can change input just by interchanging the bits of input.

    Types of bugs detected by Fuzz Testing

  • Assertion failures and memory leaksThis methodology is widely used for large applications where bugs are affecting the safety of memory, which is a severe vulnerability.

  • Invalid input

    In fuzz testing, fuzzers are used to generate an invalid input which is used for testing error-handling routines, and this is important for the software which does not control its input. Simple fuzzing can be known as a way to automate negative testing.

  • Correctness bugs

    Fuzzing can also be used to detect some types of "correctness" bugs. Such as a corrupted database, poor search results, etc.

    Fuzz Testing Tools

    Tools which are used in web security can widely be used in fuzz testing such as Burp Suite, Peach Fuzzer, etc.

  • Peach Fuzzera

    Peach Fuzzer provides more robust and security coverage than a scanner. Other testing tools can search only for known threads whereas Peach Fuzzer enable users to find known and unknown threads.

  • Spike Proxy

    It is a professional-grade tool looking for application-level vulnerabilities in web applications. SPIKE Proxy covers the basics, such as SQL Injection and cross-site-scripting, but it's completely open Python infrastructure. SPIKE Proxy is available for Linux and Windows.

  • Webscarab

    Webscarab is written in Java thus portable to many platforms. For analyzing application Webscarab framework is used that communicate using HTTP and HTTPS protocols.

    Ex: Webscarab works as an intercepting proxy, it allows the operator to review and modify request created by the browser before they are received by the server. And allow to review and update response generated by the server before received by the browser. In this way, if web scarab finds any loophole, it will make the list of the reported issues.

  • Burp

    Burp used as a security tool for java web application. Burp is used to process attacks against applications which include testing for web application vulnerabilities such as buffer overflow, cross-site scripting, SQL injection, etc.

  • OWASP WSFuzzer

    WSFuzzer is a GPL'd program that written in Python. GPL'd program currently targets Web Services. In the current version of OWASPWSFuzzer HTTP based SOAP services are the main target.

  • AppScan

    AppScan scans and tests for all common web application vulnerabilities such as SQL-Injection, Cross-Site Scripting, and Buffer Overflow.

Advantages and Disadvantages of Fuzz Testing

Advantages

  • Fuzz testing improves software security testing.
  • Bugs found in fuzzing are sometimes severe and most of the time used by hackers including crashes, memory leak, unhandled exception, etc.
  • If any of the bugs fails to get noticed by the testers due to the limitation of time and resources those bugs are also found in Fuzz testing.

Disadvantages

  • Fuzz testing alone cannot provide a complete picture of an overall security threat or bugs.
  • Fuzz testing is less effective for dealing with security threats that do not cause program crashes, such as some viruses, worms, Trojan, etc.
  • Fuzz testing can detect only simple faults or threats.
  • To perform effectively, it will require significant time.
  • Setting a boundary value condition with random inputs is very problematic but now using deterministic algorithms based on users inputs most of the testers solve this problem.

Summary:

Fuzz testing shows the presence of bugs in an application. Fuzzing cannot guarantee detection of bugs completely in an application. But by using Fuzz technique, it ensures that the application is robust and secure, as this technique helps to expose most of the common vulnerabilities.

This article is contributed by Priyanka Kothe

 

YOU MIGHT LIKE: