The Fuzzing Book
Tools and Techniques for Generating Software Tests
by Andreas Zeller, Rahul Gopinath, Marcel Böhme, Gordon Fraser, and Christian HollerAbout this Book¶
Welcome to "The Fuzzing Book"! Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. Recent years have seen the development of novel techniques that lead to dramatic improvements in test generation and software testing. They now are mature enough to be assembled in a book – even with executable code.
from fuzzingbook_utils import YouTubeVideo
YouTubeVideo("w4u5gCgPlmg")
A Textbook for Paper, Screen, and Keyboard¶
You can use this book in four ways:
You can read chapters in your browser. Check out the list of chapters in the menu above, or start right away with the introduction to testing or the introduction to fuzzing. All code is available for download.
You can interact with chapters as Jupyter Notebooks (beta). This allows you to edit and extend the code, experimenting live in your browser. Simply select "Resources $\rightarrow$ Edit as Notebook" at the top of each chapter. Try interacting with the introduction to fuzzing.
You can use the code in your own projects. You can download the code as Python programs; simply select "Resources $\rightarrow$ Download Code" for one chapter or "Resources $\rightarrow$ All Code" for all chapters. These code files can be executed, yielding (hopefully) the same results as the notebooks. Even easier: Install the fuzzingbook Python package.
You can present chapters as slides. This allows for presenting the material in lectures. Just select "Resources $\rightarrow$ View slides" at the top of each chapter. Try viewing the slides for the introduction to fuzzing.
Who this Book is for¶
This work is designed as a textbook for a course in software testing; as supplementary material in a software testing or software engineering course; and as a resource for software developers. We cover random fuzzing, mutation-based fuzzing, grammar-based test generation, symbolic testing, and much more, illustrating all techniques with code examples that you can try out yourself.
News¶
This book is work in progress. All chapters planned are out now, but we keep on refining the material with minor and major releases. To get notified on updates, follow us on Twitter.
About the Authors¶
This book is written by Andreas Zeller, Rahul Gopinath, Marcel Böhme, Gordon Fraser, and Christian Holler. All of us are long-standing experts in software testing and test generation; and we have written or contributed to some of the most important test generators and fuzzers on the planet. As an example, if you are reading this in a Firefox, Chrome, or Edge Web browser, you can do so safely partly because of us, as the very techniques listed in this book have found more than 2,600 bugs in their JavaScript interpreters so far. We are happy to share our expertise and making it accessible to the public.
Frequently Asked Questions¶
Troubleshooting¶
Why does it take so long to start an interactive notebook?¶
The interactive notebook uses the mybinder.org service, which runs notebooks on their own servers. Starting Jupyter through mybinder.org normally takes about 30 seconds, depending on your Internet connection. If, however, you are the first to invoke binder after a book update, binder recreates its environment, which will take a few minutes. Reload the page occasionally.
The interactive notebook does not work!¶
mybinder.org imposes a limit of 100 concurrent users for a repository. Also, as listed on the mybinder.org status and reliability page,
As mybinder.org is a research pilot project, the main goal for the project is to understand usage patterns and workloads for future project evolution. While we strive for site reliability and availability, we want our users to understand the intent of this service is research and we offer no guarantees of its performance in mission critical uses.
There are alternatives to mybinder.org; see below.
Do I have alternatives to the interactive notebook?¶
If mybinder.org does not work or match your needs, you have a number of alternatives:
Download the Python code (using the menu at the top) and edit and run it in your favorite environment. This is easy to do and does not require lots of resources.
Download the Jupyter Notebooks (using the menu at the top) and open them in Jupyter. Here's how to install jupyter notebook on your machine.
Run the notebook locally in a Docker container. For more information, see How to use the book with Docker.
If you want to use the book in a classroom, and depend on your users having access to the interactive notebooks, consider using or deploying a JupyterHub or BinderHub instance.
Can I run the code on my Windows machine?¶
We try to keep the code as general as possible, but occasionally, when we interact with the operating system, we assume a Unix-like environment (because that is what Binder provides). To run these examples on your own Windows machine, you can install a Linux VM or a Docker environment.
Can't you run your own dedicated cloud service?¶
Technically, yes; but this would cost money and effort, which we'd rather spend on the book at this point. If you'd like to host a JupyterHub or BinderHub instance for the public, please do so and let us know.
Content¶
Can I use your code in my own programs?¶
Yes! See the installation instructions for details.
Which content has come up?¶
See the release notes for details.
How do I cite your work?¶
Thanks for referring to our work! Once the book is complete, you will be able to cite it in the traditional way. In the meantime, just click on the "cite" button at the bottom of the Web page for each chapter to get a citation entry.
Can you cite my paper? And possibly write a chapter about it?¶
We're always happy to get suggestions! If we missed an important reference, we will of course add it. If you'd like specific material to be covered, the best way is to write a notebook yourself; see our Guide for Authors for instructions on coding and writing. We can then refer to it or even host it.
Teaching and Coursework¶
How can I run a course based on the book?¶
We have successfully used the material in various courses.
Initially, we used the slides and code and did live coding in lectures to illustrate how a technique works.
Now, the goal of the book is to be completely self-contained; that is, it should work without additional support. Hence, we now give out completed chapters to students in a flipped classroom setting, with the students working on the notebooks at their leisure. We would meet in the classroom to discuss experiences with past notebooks and discuss future notebooks.
We have the students work on exercises from the book or work on larger (fuzzing) projects. We also have students who use the book as a base for their research; indeed, it is very easy to prototype in Python for Python.
When running a course, do not rely on mybinder.org – it will not provide sufficient resources for a larger group of students. Instead, install and run your own hub.
Are there specific subsets I can focus on?¶
We have compiled a number of tours through the book for various audiences. Our Sitemap lists the dependencies between the individual chapters.
How can I extend or adapt your slides?¶
Download the Jupyter Notebooks (using the menu at the top) and adapt the notebooks at your leisure (see above), including "Slide Type" settings. Then,
- Download slides from Jupyter Notebook; or
- Use the RISE extension (instructions) to present your slides right out of Jupyter notebook.
Do you provide PDFs of your material?¶
At this point, we do not provide support for PDF versions. We will be producing PDF and print versions after the book is complete.
Other Issues¶
I have a question, comment, or a suggestion. What do I do?¶
You can tweet to @fuzzingbook on Twitter, allowing the community of readers to chime in. For bugs you'd like to get fixed, report an issue on the development page.
I have reported an issue two weeks ago. When will it be addressed?¶
We prioritize issues as follows:
- Bugs in code published on fuzzingbook.org
- Bugs in text published on fuzzingbook.org
- Writing missing chapters
- Issues in yet unpublished code or text
- Issues related to development or construction
- Things marked as "beta"
- Everything else
How can I solve problems myself?¶
We're glad you ask that. The development page has all sources and some supplementary material. Pull requests that fix issues are very welcome.
How can I contribute?¶
Again, we're glad you're here! We are happy to accept
- Code fixes and improvements. Please place any code under the MIT license such that we can easily include it.
- Additional text, chapters, and notebooks on specialized topics. We plan to set up a special folder for third-party contributions.
See our Guide for Authors for instructions on coding and writing.
The content of this project is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License. The source code that is part of the content, as well as the source code used to format and display that content is licensed under the MIT License. Last change: 2019-09-09 16:42:54+02:00 • Cite • Imprint