1. Home
  2. Docs
  3. Learning Center
  4. Test Case Generation

Test Case Generation

GUARDARA is capable of utilizing multiple test case generation methods, even simultaneously. This page discusses the different methods, highlighting their pros and cons.

Generation-based

This test case generation method uses templates that describe structured data to automatically generate a vast amount of test cases. Using this method GUARDARA can generate test cases that are:

  • Structurally sound and relationships between different fields or group of fields is modelled accurately. For example, calculating the length of data blocks, repeating certain data blocks without corrupting the data structure is both possible and easy.
  • Correct where and when it must be correct. GUARDARA can calculate valid checksums or hashes on the fly, encrypt blocks within structured data, or apply different encodings on fields (e.g., URL encoding) or groups of fields.
  • State-aware. For example, in a communication flow, data can be extracted from responses and used in follow-up requests or used to control test case execution by dynamically altering the test flow.

In addition to the above, there are some added benefits:

  • Feature coverage. It is possible to configure what exactly is to be tested or not to be tested. This allows creating separate test configurations that focus only on testing a specific feature or component so you can test the areas of the target that has changed.
  • Shorter test run time compared to alternative test generation methods. Testing multiple features can be run in parallel to achieve better coverage within a shorter time.
  • There is no need to modify the codebase of the target to disable certain checks, security mechanisms, or features in order to be able to test efficiently.

The disadvantage of this method is that creating templates to model structured data and creating test flows requires an understanding of the data structure or protocol, and also takes some time. However, GUARDARA is packed with features to simplify this process significantly.

Mutation-based

The mutation-based approach is a non-structure-aware test case generation method that introduces small changes to existing data that may trigger unexpected behaviour when processed by the target.

The main benefit of the mutation-based test case generation is that there is no need for the user to understand the structure of the data being mutated, therefore is a quick and easy way to get started with testing. Unfortunately, the mutation-based approach has several disadvantages. Some of these are listed below.

  • It is much more likely to generate completely invalid data due to not being aware of what valid data structure look like. As a result, significant time is spent bombarding the target with data that does not even pass the most basic filters. Triggering bugs and vulnerabilities has a low probability every time this happens.
  • The mutation-based test case generation becomes extremely inefficient if the structured data contains checksums and hashes, encrypted and encoded blocks that would have to be generated on the fly.
  • Not having an understanding of the data leads to not being able to understand and incorporate the concept of application state into the testing process. Because of this, mutation-based test case generation is very counterproductive when, for example, testing network communications.

Hybrid

GUARDARA can combine mutation-based and generation-based test case generation to exploit the benefits of both and balance their cons.

Achieving mutation-based test case generation is as simple as creating a template that contains a single Binary field that represents the entire data. This way, within just a few seconds, we are ready to test. Suppose we wanted to improve the quality of the generated test cases, we could parse either part of the Binary field or the entire data properly using Fields. The test case generation for the parsed fields is handled by a collection of field type-specific algorithms, while the unparsed areas are still handled by the mutation-based algorithm.

Was this article helpful to you? Yes 1 No