Generation-based fuzz tests

Generation-based fuzz tests, also known as intelligent fuzzing, are built on an understanding of known formats and protocols: inputs are generated from scratch according to the system or API specification (an RFC, for instance) and the documented formats (such as the request format given in the API documentation).

Generation fuzz tests build test data from a data model of the input. Sometimes these tests are as simple as injecting random bytes; at other times they are much smarter, knowing which data values are valid and combining them in many interesting ways (for instance, placing regular expressions in the request body, supplying hostnames in headers, and switching the expected response type to a different one).

Before we conclude this section on fuzz-testing strategies, let's get to know another very successful fuzz testing method, known as protocol-based fuzz testing (also called syntax testing, grammar testing, or robustness testing). In protocol-based fuzz testing, the testers have detailed knowledge of the protocol format, and their understanding rests on the published specifications. Here, the specifications are stored as a set of models within a model-based testing tool that can also generate test data. The tool then walks through every specification and adds irregularities to the message sequence, the data contents, and so on, in order to expose vulnerabilities.

Please note that, because the mutation approach does not require you to understand the protocol, it may seem more approachable than the generation-based approach at first glance. However, the generation-based approach is the more thorough and recommended process, even though it takes more time because it must cover many valid input combinations; in return, it reaches better code coverage and exercises more code paths.
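The following is an added example that is not from the book: a small generation-based fuzzer in the sense of the two preceding passages. It builds messages from a data model of known-good field values (the "generation" idea), then applies specification-aware irregularities to one field at a time and to the message sequence (the "protocol-based" idea), and runs every case against a parser. The message format, the data model and the target parser are all constructed for this illustration and are not a real protocol or any product's code; the parser carries one deliberately unguarded conversion so that there is a robustness defect to find.

```python
import random

# Added example, not from the book: a generation-based (protocol-aware) fuzzer.
# The format, data model and target parser below are constructed for illustration.


class ParseError(Exception):
    """The rejection a well-behaved parser should raise on malformed input."""


def parse_message(data: bytes) -> dict:
    """Toy parser for a constructed HTTP-like message.

    Every malformed case should end in ParseError.  One conversion (Content-Length)
    is deliberately left unguarded so the fuzzer has a defect to find.
    """
    head, sep, body = data.partition(b"\r\n\r\n")
    if not sep:
        raise ParseError("missing end of headers")
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or parts[0] not in (b"GET", b"POST", b"PUT"):
        raise ParseError("bad request line")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name:
            raise ParseError("bad header line")
        headers[name.strip().lower()] = value.strip()
    length = 0
    if b"content-length" in headers:
        length = int(headers[b"content-length"])  # constructed defect: ValueError escapes
    return {"request": parts, "headers": headers, "body": body[:length]}


# Data model: the fields of the format with known-good values taken from the
# (constructed) specification.  Inputs are generated from this model rather
# than mutated from captured samples.
MODEL = {
    "method": [b"GET", b"POST", b"PUT"],
    "path": [b"/", b"/index.html", b"/api/v1/items"],
    "version": [b"HTTP/1.0", b"HTTP/1.1"],
    "host": [b"example.com", b"localhost"],
    "content_length": [b"0", b"5", b"12"],
}

# Field-level irregularities: each one breaks the data contents of a single
# field in a way the specification says should never happen.
IRREGULARITIES = {
    "omit": lambda v: None,                   # field missing entirely
    "wrong_type": lambda v: b"not-a-number",  # text where a number belongs
    "oversize": lambda v: b"A" * 4096,        # far beyond any length the spec implies
    "boundary": lambda v: b"-1",              # numeric edge value / nonsense token
}


def assemble(values: dict, reorder: bool = False) -> bytes:
    """Serialise field values into a message; None means the field is omitted."""
    request = b" ".join(values[k] for k in ("method", "path", "version") if values[k] is not None)
    headers = []
    if values["host"] is not None:
        headers.append(b"Host: " + values["host"])
    if values["content_length"] is not None:
        headers.append(b"Content-Length: " + values["content_length"])
    lines = [request] + headers
    if reorder:  # sequence irregularity: header lines before the request line
        lines.reverse()
    return b"\r\n".join(lines) + b"\r\n\r\n" + b"hello world!"


def generate_cases(rng: random.Random, rounds: int):
    """Yield (label, message): valid messages plus every field/irregularity combination."""
    for _ in range(rounds):
        values = {name: rng.choice(good) for name, good in MODEL.items()}
        yield ("valid", assemble(values))
        yield ("reorder", assemble(values, reorder=True))
        for field_name in MODEL:
            for irr_name, irr in IRREGULARITIES.items():
                broken = dict(values)
                broken[field_name] = irr(values[field_name])
                yield (f"{field_name}/{irr_name}", assemble(broken))


def fuzz(seed: int = 1, rounds: int = 20) -> dict:
    """Run the generated cases through the parser and classify the outcomes.

    ParseError is the expected rejection; any other exception is a crash and is
    recorded together with the irregularity that triggered it.
    """
    rng = random.Random(seed)
    outcome = {"accepted": 0, "rejected": 0, "crashes": set()}
    for label, msg in generate_cases(rng, rounds):
        try:
            parse_message(msg)
            outcome["accepted"] += 1
        except ParseError:
            outcome["rejected"] += 1
        except Exception as exc:  # anything else is a robustness bug
            outcome["crashes"].add((label, type(exc).__name__))
    return outcome


if __name__ == "__main__":
    result = fuzz()
    print(result["accepted"], "accepted,", result["rejected"], "rejected")
    for label, exc in sorted(result["crashes"]):
        print("crash:", label, "->", exc)
```

Because the cases come from the model rather than from random byte flips, every crash is reported with the field and the irregularity that produced it (here, a non-numeric or oversized Content-Length escaping as a ValueError), which is the traceability that makes generation-based results easy to turn into a fix. Note also that the "boundary" case for Content-Length (-1) is silently accepted: the accepted count hides it, so a real harness would compare each accepted result against what the specification says the parser should have done, not just watch for crashes.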