« Captcha Recognision via Averaging | Main | CGISecurity Interview with Sullo the Author of Nikto »

Using Fuzzers in Software Testing: Identifying Application Risks

I've written a short blurb on my other site  QASEC.com on why using fuzzers in QA can pay off. This is a new site focused on speaking to the various people involved in a development cycle using a language that they are familiar with in short to the point articles.

"Fuzzers are used to perform negative testing against application inputs to identify unexpected behaviors. This is accomplished by throwing valid and invalid data in application inputs. Fuzzers can be good tools to identify filtering problems (E.g. a email address verifier that does a poor job) and after initial setup require little maintenance with the exception of medium to major application changes. These behaviors may be harmless bugs, but could lead to some sort of security risk. "

Article Link: http://www.qasec.com/cycle/usingfuzzers.shtml


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!