
Idea: Continue Fuzzing After Mutation If SUT Responds With A Valid Response

Open jtpereyda opened this issue 7 years ago • 1 comments

This requires the fuzzing code to provide a parser and response handler that can indicate whether a response was valid. Might be more work than is worthwhile.

jtpereyda, Sep 24 '18 19:09

Just an idea:

  • Send a normal request at the beginning and save the received data
  • Send fuzzed data
  • Send normal request again and compare the received data with the previously saved data.

That way it would be possible to verify that the SUT still works flawlessly. It would not work for protocols containing time/date fields without adding any kind of parsing.

SR4ven, Mar 04 '19 21:03
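The baseline comparison described in the thread, combined with a small response handler that masks a changing field, as an added example that is not code from boofuzz or from either commenter. It uses plain sockets rather than the boofuzz API; `ToySUT`, `mask_volatile`, `first_behavior_change` and the `seq=` field are hypothetical names, and the SUT and test cases are constructed for illustration.

```python
import re
import socket
import socketserver
import threading

class ToySUT(socketserver.BaseRequestHandler):
    """Constructed stand-in SUT: one request per connection, reply carries a
    changing seq field; any message over 64 bytes leaves it permanently broken."""
    def handle(self):
        data = self.request.recv(4096)
        srv = self.server
        srv.seq += 1
        srv.broken = srv.broken or len(data) > 64
        self.request.sendall(b"ERR\n" if srv.broken else b"OK seq=%d\n" % srv.seq)

def start_toy_sut():
    srv = socketserver.TCPServer(("127.0.0.1", 0), ToySUT)
    srv.seq, srv.broken = 0, False
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def exchange(addr, payload, timeout=2.0):
    """Send one message on a fresh connection; return the reply, b'' on failure."""
    try:
        with socket.create_connection(addr, timeout=timeout) as s:
            s.sendall(payload)
            return s.recv(4096)
    except OSError:
        return b""

def mask_volatile(resp):
    """Response handler: blank out fields expected to differ between replies."""
    return re.sub(rb"seq=\d+", b"seq=<n>", resp)

def first_behavior_change(addr, normal_request, cases, normalize=mask_volatile):
    """Return the first test case after which the normal request no longer
    yields the saved baseline, or None if the SUT stayed healthy throughout."""
    baseline = normalize(exchange(addr, normal_request))
    for case in cases:
        exchange(addr, case)                      # fuzzed message, reply ignored
        if normalize(exchange(addr, normal_request)) != baseline:
            return case                           # stop: SUT needs a restart
    return None

if __name__ == "__main__":
    srv = start_toy_sut()
    cases = [b"A" * 8, b"B" * 32, b"C" * 100, b"D" * 4]   # constructed inputs
    print(first_behavior_change(srv.server_address, b"PING\n", cases))
    srv.shutdown()
```

Passing `normalize=lambda r: r` reproduces the limitation noted in the comment: the raw comparison flags the very first test case because the changing field alone makes the reply differ from the baseline.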