fuzzing-input-generator
Generate randomized and edge-case inputs to detect unexpected failures, bugs, and security vulnerabilities through fuzz testing. Use when creating test cases for robustness testing, generating adversarial inputs, testing error handling, finding edge cases, or security testing. Produces Python test code with fuzzing inputs for strings, numbers, and structured data focusing on edge cases, invalid inputs, and random valid inputs. Triggers when users ask to generate fuzz tests, create randomized test inputs, test edge cases, find bugs through fuzzing, or generate adversarial test cases.
git clone --depth 1 https://github.com/ArabelaTso/Skills-4-SE /tmp/fuzzing-input-generator && cp -r /tmp/fuzzing-input-generator/skills/fuzzing-input-generator ~/.claude/skills/fuzzing-input-generatorSKILL.md
# Fuzzing Input Generator
## Overview
Generate comprehensive fuzz testing inputs to uncover bugs, crashes, and security vulnerabilities by systematically testing functions with edge cases, invalid inputs, and randomized data.
## Workflow
### 1. Analyze the Target Function
Understand what needs to be fuzzed:
**Identify input types:**
- Strings (text, paths, URLs, etc.)
- Numbers (integers, floats)
- Booleans
- Collections (lists, dicts, sets)
- Structured data (JSON, XML)
- Files or binary data
- Combinations of above
**Understand expected behavior:**
- What are valid inputs?
- What should happen with invalid inputs?
- Are there documented constraints?
- What error handling exists?
**Extract function signature:**
```python
def process_user_input(name: str, age: int, email: str) -> dict:
"""Process user registration data."""
# Analyze: expects string, int, string
# Constraints: name non-empty, age > 0, email format
```
### 2. Select Fuzzing Strategy
Choose appropriate fuzzing approaches:
#### Edge Case Fuzzing
Test boundary conditions and special values:
- Empty inputs
- Very large inputs
- Minimum/maximum values
- Zero, negative numbers
- Special characters
- Null/None values
#### Invalid Input Fuzzing
Test with malformed or incorrect data:
- Wrong types
- Invalid formats
- Out-of-range values
- Malformed structures
- Encoding issues
#### Random Valid Fuzzing
Generate random but technically valid inputs:
- Random strings of various lengths
- Random numbers in valid ranges
- Random but well-formed structures
- Valid but unusual combinations
#### Security Fuzzing
Test for vulnerabilities:
- Injection attacks (SQL, command, XSS)
- Path traversal
- Buffer overflows
- Format string attacks
- Unicode exploits
### 3. Generate Fuzz Test Code
Create Python test functions with fuzzing inputs.
#### Basic Template
```python
import pytest
import random
import string
def fuzz_<function_name>():
"""Fuzz test for <function_name>."""
# Edge cases
edge_cases = [
# Add specific edge case inputs
]
# Invalid inputs
invalid_inputs = [
# Add invalid inputs
]
# Random valid inputs
def generate_random_valid():
# Generate random but valid input
pass
# Test edge cases
for input_data in edge_cases:
try:
result = function_under_test(input_data)
# Check result or at least that it doesn't crash
except Exception as e:
# Document or assert expected exceptions
pass
# Test invalid inputs
for input_data in invalid_inputs:
# Similar testing pattern
pass
# Test random inputs
for _ in range(100):
random_input = generate_random_valid()
# Test with random input
```
### 4. Generate Input Categories
Create comprehensive input sets for each parameter type. See [fuzzing-patterns.md](references/fuzzing-patterns.md) for extensive patterns.
#### String Inputs
```python
def generate_string_fuzz_inputs():
"""Generate fuzz inputs for string parameters."""
return [
# Empty and whitespace
"",
" ",
" ",
"\t",
"\n",
"\r\n",
# Length edge cases
"a", # Single char
"a" * 100, # Medium
"a" * 10000, # Long
"a" * 1000000, # Very long
# Special characters
"!@#$%^&*()",
"'",
"\"",
"\\",
"<script>alert(1)</script>",
# Unicode
"🔥",
"你好",
"مرحبا",
# Injection patterns
"'; DROP TABLE users--",
"../../../etc/passwd",
"${var}",
# Format strings
"%s%s%s",
"{0}{1}{2}",
# Null bytes
"\x00",
"test\x00test",
]
```
#### Number Inputs
```python
def generate_number_fuzz_inputs():
"""Generate fuzz inputs for numeric parameters."""
return [
# Integers
0,
1,
-1,
2**31 - 1, # Max 32-bit int
-2**31, # Min 32-bit int
2**63 - 1, # Max 64-bit int
-2**63, # Min 64-bit int
# Floats
0.0,
-0.0,
float('inf'),
float('-inf'),
float('nan'),
1e308, # Near max float
1e-308, # Near min float
0.1 + 0.2, # Precision issue
# Edge cases
None,
"123", # String number
"not a number",
[],
{},
]
```
#### Structured Data Inputs
```python
def generate_json_fuzz_inputs():
"""Generate fuzz inputs for JSON/dict parameters."""
return [
# Empty
{},
[],
None,
# Type confusion
{"number": "123"},
{"bool": "true"},
{"array": "[]"},
# Deep nesting
{"a": {"b": {"c": {"d": {"e": "deep"}}}}},
[[[[["nested"]]]]],
# Large structures
{f"key{i}": i for i in range(1000)},
[i for i in range(10000)],
# Special keys
{"": "empty key"},
{"key with spaces": "value"},
{"key.with.dots": "value"},
# Mixed types
{"str": "text", "num": 123, "bool": True, "null": None, "arr": [1, 2]},
# Invalid JSON strings
"{invalid}",
'{"unclosed": ',
'{"key": undefined}',
]
```
### 5. Write Complete Test Functions
Generate executable test code:
#### Example 1: String Processing Function
```python
import pytest
import random
import string
def test_fuzz_process_username():
"""Fuzz test for username processing."""
def process_username(username: str) -> str:
"""Function under test."""
if not username:
raise ValueError("Username cannot be empty")
if len(username) > 50:
raise ValueError("Username too long")Applies abstract interpretation using different abstract domains (intervals, octagons, polyhedra, sign, congruence) to statically analyze program variables and infer invariants, value ranges, and relationships. Use when analyzing program properties, inferring loop invariants, detecting potential errors, or understanding variable relationships through static analysis.
Uses abstract interpretation to automatically infer loop invariants, function preconditions, and postconditions for formal verification. Generates invariants that capture program behavior and support correctness proofs in Dafny, Isabelle, Coq, and other verification systems. Use when adding formal specifications to code, generating verification conditions, inferring contracts for functions, or discovering loop invariants for proofs.
Performs abstract interpretation over source code to infer possible program states, variable ranges, and data properties without executing the program. Reports potential runtime errors including out-of-bounds accesses, null dereferences, type inconsistencies, division by zero, and integer overflows. Use when analyzing code for potential runtime errors, performing static analysis, checking safety properties, or verifying program behavior without execution.
Performs abstract interpretation to produce summarized execution traces and high-level program behavior representations. Highlights key control flow paths, variable relationships, loop invariants, function summaries, and potential runtime states using abstract domains (intervals, signs, nullness, etc.). Use when analyzing program behavior, understanding execution paths, computing loop invariants, tracking variable ranges, detecting potential runtime errors, or generating program summaries without concrete execution.
Create ACSL (ANSI/ISO C Specification Language) formal annotations for C/C++ programs. Use this skill when working with formal verification, adding function contracts (requires/ensures), loop invariants, assertions, memory safety annotations, or any ACSL specifications. Supports Frama-C verification and generates comprehensive formal specifications for C/C++ code.
CLI-based browser automation with persistent page state using ref-based element interaction. Use when users ask to navigate websites, interact with web pages, fill forms, take screenshots, test web applications, or extract information from web pages.
Detects and analyzes ambiguous language in software requirements and user stories. Use when reviewing requirements documents, user stories, specifications, or any software requirement text to identify vague quantifiers, unclear scope, undefined terms, missing edge cases, subjective language, and incomplete specifications. Provides detailed analysis with clarifying questions and suggested improvements.
Design and review APIs with suggestions for endpoints, parameters, return types, and best practices. Use when designing new APIs from requirements, reviewing existing API designs, generating API documentation, or getting implementation guidance. Supports REST APIs with focus on endpoint structure, request/response schemas, authentication, pagination, filtering, versioning, and OpenAPI specifications. Triggers when users ask to design, review, document, or improve APIs.