Fuzz testing

What is fuzz testing? 

Fuzz testing (or fuzzing) deliberately bombards your software with malformed, unexpected, or random data to uncover crashes, security vulnerabilities, and edge cases. Think of it as stress-testing your application by throwing every conceivable type of bad input at it to see what breaks. 

Do you have any examples of fuzz testing?

Consider testing a user registration form—you might inject SQL commands into the username field, paste a 10MB text file into the password field, or submit emoji strings into the email field. 

Another common example is testing file uploads by generating thousands of slightly corrupted PDF files to see if your parser breaks. Modern fuzz testing tools like AFL++ can automatically generate these test cases based on code coverage and previous results. 


Why is fuzz testing important? 

Fuzz testing catches bugs like buffer overflows, injection vulnerabilities, and memory corruption issues that traditional testing often misses. 

While unit tests verify that your code works with expected inputs, fuzzing reveals how it fails with unexpected ones. Many critical vulnerabilities in major software have been discovered through fuzz testing, including serious flaws in OpenSSL, browsers, and operating systems. 

What are the challenges with fuzz testing?

The biggest challenge is creating intelligent fuzz tests that find real bugs rather than just random crashes. This requires: 
  • Developing seed inputs that exercise your application's core functionality
  • Writing custom mutators that understand your input format (like file structures or network protocols)
  • Managing the explosion of test cases without getting overwhelmed
  • Distinguishing between meaningful crashes and harmless failures
  • Setting up automated crash reproduction and debugging pipelines 
Rosie Sherry
22nd January 2025
Add Definition
The membership for software testing professionals image

The membership for software testing professionals

Join thousands of other software testers in levelling up their careers
Explore MoT
Manchester Meetup image

Manchester Meetup

Thu, 23 Jan
The power of collaboration in cross-functional teams!
MoT Foundation Certificate in Test Automation
MoT Foundation Certificate in Test Automation
Unlock the essential skills to transition into Test Automation through interactive, community-driven learning, backed by industry expertise
This Week in Testing
This Week in Testing
Debrief the week in Testing via a community radio show hosted by Simon Tomes and members of the community
Subscribe to our newsletter
We'll keep you up to date on all the testing trends.