Want to create an interactive transcript for this episode?
Podcast: Chaos Computer Club - recent audio-only feed
Episode: Demystifying Fuzzer Behaviour (39c3)
Description: Despite how it's often portrayed in blogs, scientific articles, or corporate test planning, fuzz testing isn't a magic bug printer; just saying "we fuzz our code" says nothing about how _effectively_ it was tested. Yet, how fuzzers and programs interact is deeply mythologised and poorly misunderstood, even by seasoned professionals. This talk analyses a number of recent works and case studies that reveal the relationship between fuzzers, their inputs, and programs to explain _how_ fuzzers work.
Fuzz testing (or, "fuzzing") is a testing technique that passes randomly-generated inputs to a subject under test (SUT). This term was first coined in 1988...