The fuzzer will generally try a combination of attacks using numbers (signed/unsigned integers or floats), chars (URLs or command-line inputs), user-input text, pure binary sequences, and so on. A list of fuzz vectors can be generated from these types. For example, for integers, the fuzz vectors could be zero, a negative value, or a very big integer value; for chars, the fuzz vectors could be escaped characters, Unicode characters, URL-encoded characters, special characters, or a sequence of all of the characters. Once the list of fuzz vectors is generated, the fuzzer will use the list to perform fuzzing on the application.
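The vector-list approach described above, as an added example that is not from the original text: it builds the integer and character vectors the paragraph names and runs them against a small target. The target `encode_length`, the helper names, and the rule that `ValueError` counts as a documented rejection are all assumptions made for illustration.

```python
import string
import struct
from urllib.parse import quote

def integer_vectors(bits=32):
    """Zero, negative values, and very big values around a bits-wide field."""
    top = 2 ** (bits - 1)
    return [0, -1, -top, top - 1, top, 2 ** bits, 2 ** 64]

def char_vectors():
    """Escaped, Unicode, URL-encoded, special, and all-character strings."""
    special = string.punctuation
    return [
        "\\n\\t\\0",                     # escape sequences sent as literal text
        "\u00e9\u4e2d\U0001f600",        # Unicode beyond ASCII
        quote(special, safe=""),         # URL-encoded special characters
        special,                         # raw special characters
        "".join(map(chr, range(128))),   # every ASCII character in sequence
    ]

def encode_length(text):
    """Constructed target: documented to raise ValueError on bad input."""
    n = int(text)                 # non-numeric text -> ValueError (documented)
    return struct.pack("<I", n)   # defect: no range check before packing

def fuzz(target, vectors):
    """Run every vector; anything but a return or ValueError is a finding."""
    accepted, rejected, crashed = [], [], []
    for v in vectors:
        try:
            target(v)
            accepted.append(v)
        except ValueError:
            rejected.append(v)
        except Exception as exc:
            crashed.append((v, type(exc).__name__))
    return accepted, rejected, crashed

def run_demo():
    # Integers are sent as text, the way a form field or CLI argument arrives.
    vectors = [str(i) for i in integer_vectors()] + char_vectors()
    return fuzz(encode_length, vectors)

if __name__ == "__main__":
    accepted, rejected, crashed = run_demo()
    print(len(accepted), "accepted,", len(rejected), "rejected")
    for v, name in crashed:
        print("finding:", name, "on input", repr(v))
```

The negative and oversized integers are the vectors that escape the target's documented error path, which is the kind of unhandled boundary case a vector list is meant to surface.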
Fuzzing attack types
Application fuzzing
For a desktop-based application, a fuzzer can perform fuzzing...