HttpClient-based fuzz test method

A technology of fuzz testing and test cases, which is applied in software testing/debugging, error detection/correction, instrumentation, etc. It can solve problems such as lack, inconvenience, and unsuitability of fuzz testing, and achieve the effect of easy transplantation and flexible operation

Inactive Publication Date: 2021-07-23
杭州孝道科技有限公司
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The use of burpsuite is subject to tools. First, it may be inconvenient to use. Second, it is not suitable for the environment where fuzz testing needs to output results to other codes, so we need a code-based framework. However, the fuzz testing framework spike is essentially C language. , sulley is essentially Python, and there is a lack of Java-based fuzzing frameworks on the market

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • HttpClient-based fuzz test method
  • HttpClient-based fuzz test method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0025] In the present invention, it should be understood that:

[0026] HttpClient, a client programming toolkit that supports the HTTP protocol;

[0027] API, Application Programming Interface, application programming interface;

[0028] Split, the command for character splitting to read the specified file;

[0029] String, string;

[0030] like Figure 1-2 Shown, a kind of fuzz testing method based on HttpClient of the present invention comprises the following steps:

[0031] Step 1: Input the API document and generate fuzz test data;

[0032] Step 2: Use HttpClient to send a request to execute fuzz test data;

[0033] Step 3: Monitor the behavior of the system under test, and judge whether the actual response result is consistent with the expected result. If the actual response result is inconsistent with the expected result, it is judged that ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an HttpClient-based fuzz test method, which comprises the following steps of: 1, inputting an API document, and generating fuzz test data; 2, sending a request to execute fuzzy test data by using an HttpClient; and 3, monitoring behaviors of the tested system, judging whether an actual response result is consistent with an expected result or not, and if the actual response result is inconsistent with the expected result, judging that the current test case can cause vulnerabilities of the tested system. According to the method, the embarrassing situation that a Java language-based fuzzy testing framework is lacked in the field of fuzzy testing is solved, and the phenomenon that a lot of time is consumed for testing personnel to find problems and research and development personnel to position the problems but all the problems cannot be solved can be effectively solved.

Description

technical field [0001] The invention relates to the field of fuzz testing, in particular to an HttpClient-based fuzz testing method. Background technique [0002] Today, the Internet has become an indispensable part of people's lives, and various software and systems emerge in an endless stream. At the same time, the correctness and security of software systems have also become a technical issue that has attracted much attention. In today's era of network information, any tiny error in the software system will be infinitely magnified, and it is difficult to eliminate it only by testing and developers to find out and deal with it. [0003] Fuzzing Test is a kind of automatic or semi-automatic providing unexpected input, and discovering the loopholes of actual software implementation by monitoring abnormal results. The concept of fuzz testing was first proposed by Professor Barton Miller of the University of Wisconsin Madison and his students. In the advanced operating system...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
CPCG06F11/3684G06F11/3688
Inventor 范丙华徐锋秦龙龙
Owner 杭州孝道科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap