{ "cells": [ { "cell_type": "markdown", "metadata": { "button": false, "deletable": true, "new_sheet": false, "run_control": { "read_only": false }, "slideshow": { "slide_type": "slide" } }, "source": [ "# Part III: Syntactical Fuzzing\n", "\n", "This part introduces test generation at the _syntactical_ level, that is, composing inputs from language structures.\n", "\n", "* [Grammars](Grammars.ipynb) provide a _specification_ of legal inputs to a program. Specifying inputs via a grammar allows for very systematic and efficient test generation, in particular for complex input formats.\n", "\n", "* [Efficient Grammar Fuzzing](GrammarFuzzer.ipynb) introduces tree-based grammar fuzzing algorithms, which are much faster and allow for much more control over the production of fuzz inputs.\n", "\n", "* [Grammar Coverage](GrammarCoverageFuzzer.ipynb) allows to systematically cover elements of a grammar such that we maximize variety and do not miss out individual elements.\n", "\n", "* [Parsing Inputs](Parser.ipynb) shows how to use grammars to parse and decompose a given set of valid seed inputs into their corresponding derivation trees.\n", "\n", "* [Probabilistic Grammar Fuzzing](ProbabilisticGrammarFuzzer.ipynb) gives grammars even more power by assigning _probabilities_ to individual expansions.\n", "\n", "* [Fuzzing with Generators](GeneratorGrammarFuzzer.ipynb) shows how to extend grammars with _functions_ – pieces of code that get executed during grammar expansion, and that can generate, check, or change elements produced.\n", "\n", "* [Greybox Grammar Fuzzing](GreyboxGrammarFuzzer.ipynb) makes use of the structural representation allows us to mutate, crossover, and recombine their parts in order to generate new valid, slightly changed inputs.\n", "\n", "* [Reducing Failure-Inducing Inputs](Reducer.ipynb) presents techniques that _automatically reduce and simplify failure-inducing inputs to a minimum_ in order to ease debugging." ] } ], "metadata": { "ipub": { "bibliography": "fuzzingbook.bib", "toc": true }, "kernelspec": { "display_name": "Python 3", "language": "python", "name": "python3" }, "language_info": { "codemirror_mode": { "name": "ipython", "version": 3 }, "file_extension": ".py", "mimetype": "text/x-python", "name": "python", "nbconvert_exporter": "python", "pygments_lexer": "ipython3", "version": "3.6.8" }, "toc": { "base_numbering": 1, "nav_menu": {}, "number_sections": true, "sideBar": true, "skip_h1_title": true, "title_cell": "", "title_sidebar": "Contents", "toc_cell": false, "toc_position": {}, "toc_section_display": true, "toc_window_display": true }, "toc-autonumbering": false }, "nbformat": 4, "nbformat_minor": 2 }