From what I can tell, fuzzing is like unleashing thousands of monkeys
with keyboards on your website and seeing if anything breaks. Has
anybody tried RFuzz? What’s sorts of things has it found?
From what I can tell, fuzzing is like unleashing thousands of monkeys
with keyboards on your website and seeing if anything breaks. Has
anybody tried RFuzz? What’s sorts of things has it found?
Hehe, yeah Joe, it’s pretty capable already, but could use some more use
in the fuzzing area.
Take a look in the examples directory. There’s a Mongrel test suite
that uses rspec and rant to fire up a Rails app at ~/projects/testapp
and then tries to destroy it and validate certain things. All the tests
in that suite came from bugs that were found which I needed fuzzing to
prevent in future releases.
Next, take a look at the examples dir for various ways it’s used as a
client and as a fuzzing lib.
Then, try breaking some stuff and let me know what happens. Tons of
fun.
… like unleashing thousands of monkeys with keyboards on your website …
Do we really need another anti-IE flamefest?
Eh? Not sure if you were joking, but I’m pretty sure Joe wasn’t bashing
IE. It’s just a tool for breaking all sorts of stuff. I’ll tell ya,
Firefox sure could use some Fuzz as well in the javascript domain.
Safari could use some fuzzing tests in how it handles the HTTP protocol
as well. Everything is suspect really.
Mostly because writing software really sucks (and no, Haskell don’t fix
it :-).
On Tue, 24 Oct 2006 02:56:39 -0400
“Heri R>” [email protected] wrote:
Zed A. Shaw, MUDCRAP-CE Master Black Belt Sifu
ok, Joe and Zed S. is the same guy and he replies emails by his other half
?
is there a transformation involved like in dr jekyll and mr hyde?
When you become a MUDCRAP Certified Engineer, you too will be able to
pretend to be me so well that others confuse you with me and all my
powerful glory.