Michael Contento

Mutation Testing and Fuzzing in C#

What if your 100% code coverage score is meaningless? Learn how mutation testing and fuzzing find the critical bugs your unit tests miss.

Mutation Testing and Fuzzing in C#
#1about 3 minutes

Understanding the limitations of code coverage metrics

Different code coverage strategies like function, statement, and branch coverage can be misleading and turn testing into a numbers game.

#2about 4 minutes

Introducing mutation testing with a practical example

Mutation testing flips the testing paradigm by intentionally introducing small bugs (mutants) into your code to see if your existing tests can catch them.

#3about 3 minutes

Automating mutation testing in C# with Stryker

The Stryker framework for .NET automates the process of creating mutants, running tests against them, and generating an HTML report to identify weak spots in your test suite.

#4about 5 minutes

Exploring the different types of code mutations

Stryker can generate a wide variety of mutants by altering arithmetic operators, comparison logic, LINQ expressions, and even regular expressions to thoroughly challenge your tests.

#5about 4 minutes

Introducing the core concepts of fuzzing for quality

Fuzzing aims to find program crashes by feeding it mutated, semi-random input that is more effective than purely random data for discovering edge cases.

#6about 2 minutes

How coverage-guided fuzzing intelligently finds bugs

Coverage-guided fuzzing uses instrumentation to track which code paths are executed, prioritizing mutated inputs that explore new areas of the application.

#7about 3 minutes

Using AFL and SharpFuzz for fuzzing in C#

Combine the powerful AFL (American Fuzzy Lop) engine with the SharpFuzz library to create a test harness for fuzzing C# code, including whitelisting expected exceptions.

#8about 5 minutes

Analyzing fuzzing results and practical considerations

Learn to interpret the output from a fuzzing session to identify crash-causing inputs and consider the performance impact when integrating these tools into a CI/CD pipeline.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

Using mutation testing and metrics to improve quality
25:58 MIN

Using mutation testing and metrics to improve quality

Testing .NET applications a Tool box for every developer

Using mutation testing to measure test suite quality
05:35 MIN

Using mutation testing to measure test suite quality

Test-reduction - Doing more with less

Exploring the future of automated security analysis
21:49 MIN

Exploring the future of automated security analysis

Reviewing 3rd party library security easily using OpenSSF Scorecard

Why traditional testing methods fail to guarantee quality
09:07 MIN

Why traditional testing methods fail to guarantee quality

How will artificial intelligence change the future of software testing?

Comparing techniques for automated test case generation
24:02 MIN

Comparing techniques for automated test case generation

How will artificial intelligence change the future of software testing?

Going beyond unit tests with modern application testing
17:04 MIN

Going beyond unit tests with modern application testing

What Developers Get Wrong About Application Quality

A maturity model for unit testing beyond code coverage
06:47 MIN

A maturity model for unit testing beyond code coverage

Are you still programming unit tests or already generating?

Testing is a social and human-centric science
10:30 MIN

Testing is a social and human-centric science

Excellent Software Testing

Featured Partners

Related Videos

See all videos
Testing .NET applications a Tool box for every developer29:13

Testing .NET applications a Tool box for every developer

Alexandre Borges

Test-reduction - Doing more with less23:40

Test-reduction - Doing more with less

Ewald Verhoeven

Your Testing Strategy is broken - lets fix it!28:12

Your Testing Strategy is broken - lets fix it!

Luise Freese

Continuous testing - run automated tests for every change!47:22

Continuous testing - run automated tests for every change!

Christian Kühn

Programming secure C#/.NET Applications: Dos & Don'ts33:29

Programming secure C#/.NET Applications: Dos & Don'ts

Sebastian Leuer

The 2025 State of JavaScript Testing28:33

The 2025 State of JavaScript Testing

Daniel Afonso

Using code generation for test automation – the fancy way40:16

Using code generation for test automation – the fancy way

Roman Alexis Anastasini

How not to test 43:07

How not to test

Golo Roden

Related Articles

View all articles
DC
Daniel Cranney
Dev Digest 188: CfP time, the risks of NPM and IKEA algorithms
Inside last week’s Dev Digest 188 . 🤖 GitHub Copilot CLI is now in public review 💻 Microsoft is bringing ‘vibe working’ to office apps 🎣 Attackers abuse AI tools to generate captchas in fishing attacks ⚠️ When LLMs autonomously attack 🧠 Common cause...
Dev Digest 188: CfP time, the risks of NPM and IKEA algorithms
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.