On Mon, 23 Oct 2006 21:52:26 +0200
Joe R. MUDCRAP-CE [email protected] wrote:
Zed’s rockin’ away on a new project:
From what I can tell, fuzzing is like unleashing thousands of monkeys
with keyboards on your website and seeing if anything breaks. Has
anybody tried RFuzz? What’s sorts of things has it found?
Hehe, yeah Joe, it’s pretty capable already, but could use some more use
in the fuzzing area.
Take a look in the examples directory. There’s a Mongrel test suite
that uses rspec and rant to fire up a Rails app at ~/projects/testapp
and then tries to destroy it and validate certain things. All the tests
in that suite came from bugs that were found which I needed fuzzing to
prevent in future releases.
Next, take a look at the examples dir for various ways it’s used as a
client and as a fuzzing lib.
Then, try breaking some stuff and let me know what happens. Tons of
Zed A. Shaw, MUDCRAP-CE Master Black Belt Sifu
http://www.lingr.com/room/3yXhqKbfPy8 – Come get help.