News
What is allowed or not in the fuzzer from Project 1
Written on 30.10.2019 11:33 by Michael Mera
This question came during the lecture yesterday, also on Askbot and finally again this morning, so I want to make it more clear what is actually expected from you.
You can use knowledge of the HTML standard inside your fuzzer to improve the mutations. You cannot use HTML snippets, either from the Internet or crafted manually, regardless of the size of these snippets.
Examples of allowed techniques would be: using a list of valid HTML tag names, using a list of special characters used in HTML, using html5lib to ensure you generate valid HTML markup.
Examples of forbidden techniques would be: using a snippet of HTML from the internet, crafting a specific HTML snippet using html5lib.
You can refer to this Askbot question for a more detailed answer on why we are asking this.
When in doubt you can contact me by email (michael.mera@cispa.saarland) or on the Askbot.