摘要 |
Systems and methods to deliver malformed data for software application fuzzing are described. In one aspect, a fuzzing engine receives well-formed valid input data from a test automation tool. The received data is for input into a software application to implement a functional test. Responsive to receiving the well-formed valid input data, the fuzzing engine automatically generates corresponding malformed data based on characteristics of the well-formed valid input data. The application is then automatically fuzzed with the malformed data to notify an end-user of any security vulnerabilities in one or more code paths of the application used to process the malformed data.
|