After completing this video, the learner will understand the use of fuzzing as a software testing technique.
- [Voiceover] Fuzz testing, or fuzzing, is a very important…software security testing technique.…Fuzzing provides many different types of valid…and invalid input to software in an attempt…to make it enter an unpredictable state…or disclose confidential information.…It works by automatically generating input values…and feeding them to the software package.…Fuzzing can use different input sources.…The developer running the test can supply a long…or short list of input values.…
The developer running the test can write a script…that generates input values.…The fuzz testing software can generate…input values randomly or from a specification,…this is known as generation fuzzing.…Or the fuzz tester can analyze real input…and then modify those real values.…This is known as mutation fuzzing.…Let's take a look at an example of fuzz testing.…We'll use the Zed application proxy, or ZAP,…available for free from the Open Web Application…Security Project, OWASP.…
Here I am inside ZAP.…I'm going to go ahead and use the ZAP browser…
We are now a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- SQL injection prevention
- Cross-site scripting (XSS) prevention
- Fuzz testing
- Mobile device management (MDM)
- Mobile device tracking
- Operating system security
- Hardware security
- Virtualization security
- File permissions
- Data encryption
- Securing smart devices
Skill Level Intermediate
1. Application Security
2. Mobile Security
3. Host Security
4. Data Security
5. Static Environments
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.