In this video, I discuss the challenges of managing dependencies and libraries in Java software development projects and the importance of running unit tests. However, I also dig deeper into the limitations of unit tests and the importance of supplementing them with other forms of testing. In the second part of the video, I introduce fuzz testing as a complementary approach to unit testing and give an example of how I was able to replicate a Remote Code Execution CVE in HyperSQL within just a few minutes, using an open-source fuzz testing tool, called CI Fuzz CLI.

If you're new to the channel, make sure to sign up for notifications on YouTube or Twitter, so you don't miss any of the upcoming videos on my journey to learn how to build good Java software more effectively :)

Content:

00:00 Introduction

00:15 Key challenges of Java development

00:36 Benefits and limitations of Unit Testing

01:16 Fuzz Testing as complementary approach to Unit Testing

02:04 Use Case: Finding a RCE in HyperSQL

03:57 Fuzz Testing with CI Fuzz CLI

Links Sources:

• HyperSQL DataBase flaw leaves library vulnerable to RCE
• https://portswigger.net/daily-swig/hypersql-database-flaw-leaves-library- vulnerable-to-rce
• How to Fuzz Java with CI Fuzz CLI
• https://www.code-intelligence.com/blog/fuzz-java-cifuzz-cli
• CI Fuzz CLI on GitHub
• https://github.com/CodeIntelligenceTesting/cifuzz