[WEB SECURITY] the different between black box test and fuzzing test .
petand at lvk.cs.msu.su
Tue Jun 14 01:38:11 EDT 2011
"Black-box" - outlines the capabalities of a tester (i.e. provide input
and check output).
"Fuzzing" - outlines an idea for reaching the goal of testing. There
are different goals: security, acceptance, functional, etc.
So sum the things up, these are different dimensions in testing:
capabilities, the goal of testing and the technique used to reach the goal.
For example, you can imagine white-box security testing using in-memmory
fuzzing with dynamic taint analysis.
Hope that helps.
6/14/11 5:56 AM, 孙松柏 пишет:
> hi every one !
> i recently write a paper about open source WAVS .
> I am confused about the fuzzing test and the black box testing.
> can anyone tell me the similarities and differences between them ?
> thx for u precious time !
> Department of Computer Science
> Tsinghua University, Beijing, 100084
> The Web Security Mailing List
> WebSecurity RSS Feed
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
> WASC on Twitter
> websecurity at lists.webappsec.org
More information about the websecurity