WhiteBoxFuzzing
White-box fuzzing is a testing approach that combines fuzz testing with direct analysis of a program's internals. It uses access to source code, intermediate representations, or detailed models to guide input generation, with the goal of exercising deep or complex code paths and triggering bugs that random inputs are unlikely to reach (a branch guarded by a 32-bit magic value is hit by roughly one random input in four billion). It sits in contrast to black-box fuzzing, which has no internal visibility, and gray-box fuzzing, which relies on lightweight instrumentation such as edge-coverage feedback rather than on program analysis. The price is analysis cost: every explored path is a constraint-solving problem, and the number of feasible paths grows exponentially with branch depth, so practical engines must prioritize or prune paths.
Methodologically, white-box fuzzing relies on static analysis and symbolic execution (in practice usually concolic execution, which runs the program on a concrete input while collecting the symbolic branch conditions along that path) to derive path constraints that inputs must
Advantages include high path coverage, the ability to discover logic- or constraint-dependent bugs, and precise reproduction
Common tools and frameworks include KLEE, Angr, and SAGE, which perform symbolic execution or related white-box
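The constraint-driven loop described in the methodology and tools passages above, as an added example that is not code from this page, KLEE, angr or SAGE: a minimal concolic executor in Python. It runs a target on a concrete input, records the symbolic condition at each branch, negates one branch at a time while keeping the prefix, and solves for an input that takes the other side (the generational search SAGE popularized, simplified). The six-byte record format, the `target` program and its labels, and the backtracking `solve` routine (a stand-in for the SMT solver a real engine calls) are all constructed for this illustration; the random baseline shows why the deepest path is out of reach for black-box fuzzing.

```python
"""Minimal concolic (white-box) fuzzer, constructed for this example: run the
target on a concrete input recording every branch condition, negate one branch
at a time and solve the path constraint for an input that takes the other side.
A tiny backtracking search stands in for the SMT solver KLEE, angr or SAGE use."""
import random

class Sym:
    """Byte-valued expression: concrete value, input indices it depends on,
    and a function re-evaluating it under a candidate assignment {index: byte}."""
    def __init__(self, val, deps, fn):
        self.val, self.deps, self.fn = val & 0xFF, frozenset(deps), fn

    def _op(self, other, op, cls):  # lift constants, combine concrete + symbolic parts
        o = other if isinstance(other, Sym) else Sym(other, (), lambda a, x=other: x)
        return cls(op(self.val, o.val), self.deps | o.deps,
                   lambda a, s=self, o=o: op(s.fn(a), o.fn(a)))

    def __xor__(self, o): return self._op(o, lambda x, y: x ^ y, Sym)
    def __eq__(self, o): return self._op(o, lambda x, y: x == y, Cond)
    def __gt__(self, o): return self._op(o, lambda x, y: x > y, Cond)

class Cond:  # branch condition: concrete outcome plus symbolic re-evaluator
    def __init__(self, val, deps, fn):
        self.val, self.deps, self.fn = bool(val), deps, fn

class Tracer:  # records (condition, outcome) for every branch the target executes
    def __init__(self):
        self.trace = []

    def branch(self, cond):
        self.trace.append((cond, cond.val))
        return cond.val

def symbolic_input(data):  # one symbolic byte per input position
    return [Sym(v, {i}, lambda a, i=i: a[i]) for i, v in enumerate(data)]

MAGIC = b"FUZZ"  # constructed record format: magic, length byte, checksum byte

def target(b, t):
    """Program under test (constructed). The deepest path, labelled BUG, stands
    for the crash we want to reach; each check guards the next one."""
    for i, m in enumerate(MAGIC):
        if not t.branch(b[i] == m):
            return f"bad_magic{i}"
    if not t.branch((b[4] ^ b[5]) == 0x7F):
        return "bad_checksum"
    if not t.branch(b[4] > 0xF0):
        return "short_record"
    return "BUG"

def run(inp):
    """Concrete execution: which label does this input reach?"""
    return target(symbolic_input(inp), Tracer())

def solve(constraints, n):
    """Backtracking search for n bytes satisfying every (cond, wanted) pair;
    a constraint is checked as soon as all bytes it depends on are assigned."""
    a = {}
    def rec(i):
        if i == n:
            return True
        for v in range(256):
            a[i] = v
            if all(c.fn(a) == w for c, w in constraints if c.deps.issubset(a)) and rec(i + 1):
                return True
            del a[i]
        return False
    return bytes(a[i] for i in range(n)) if rec(0) else None

def concolic(n, seed, max_runs=100):
    """Generational search: every branch on an executed path is negated once
    (prefix kept) and solved; each solution is queued and executed in turn."""
    reached, tried, worklist, runs = {}, set(), [bytes(seed)], 0
    while worklist and runs < max_runs:
        inp, runs = worklist.pop(0), runs + 1
        t = Tracer()
        reached.setdefault(target(symbolic_input(inp), t), inp)
        for k, (cond, taken) in enumerate(t.trace):
            key = tuple(tk for _, tk in t.trace[:k]) + (not taken,)  # path-prefix identity
            if key in tried:
                continue
            tried.add(key)
            new = solve(list(t.trace[:k]) + [(cond, not taken)], n)
            if new is not None:
                worklist.append(new)
    return reached

def random_fuzz(n, budget, rng_seed=0):
    """Black-box baseline: uniformly random inputs with the same budget accounting."""
    rng, reached = random.Random(rng_seed), {}
    for _ in range(budget):
        inp = bytes(rng.getrandbits(8) for _ in range(n))
        reached.setdefault(run(inp), inp)
    return reached

if __name__ == "__main__":
    print("random  :", sorted(random_fuzz(6, 20000)))
    hits = concolic(6, b"FUZZ\x00\x00")
    print("concolic:", sorted(hits), "BUG input:", hits["BUG"].hex())
```

The concolic run reaches all seven labels in about a dozen executions, including the BUG path whose input must satisfy the magic, the XOR checksum and the length bound together; 20,000 random inputs rarely get past the first magic byte. The `key` set is the crude path-deduplication a toy can afford; real engines also bound loop unrolling and schedule which negated branch to solve next, because the worklist otherwise grows with every branch on every new path.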