Beyond Unit Testing
How to Uncover Blind Spots in your Java Code with Fuzz Testing
While most Java developers already use unit testing to check that their application behaves as expected, complementary testing approaches such as fuzz testing also let them check their applications for unexpected or strange behaviors that could lead to crashes and make them vulnerable to Denial of Service (DoS) attacks or zero-day exploits.
This awesome testing approach is currently gaining a lot of popularity in the open-source community, as it allows developers to execute applications with millions of random, invalid or unusual inputs and so find bugs that are hard to detect with other testing approaches.
In this live-stream, I will demonstrate how you can apply fuzz testing to your own code with CI Fuzz, an easy-to-use fuzzing tool that enables you to integrate and run fuzz tests directly from your command line or your favorite IDE.
All code examples and tools used are 100% open-source.
# Initialize fuzzing
$ cifuzz init
# Create your first fuzz test
$ cifuzz create my_fuzz_test
# Run fuzz test and find bugs
$ cifuzz run my_fuzz_test