Fuzz testing strategy varies depending on the attack vectors, fuzzing targets, fuzzing methods, and so forth. For an API, let's focus on fuzzing targets. Fuzz testing has two primary classifications—mutation based and generation based. We will look at the details of both classifications in the following section.