I’ve written a short blurb on my other site QASEC.com
on why using fuzzers in QA can pay off. This
is a new site focused on speaking to the various people involved in a
development cycle using a language that they are familiar with in short,
to-the-point articles.
"Fuzzers are used to perform negative testing against application
inputs to identify unexpected behaviors. This is accomplished by
throwing valid and invalid data in application inputs. Fuzzers can be
good tools to identify filtering problems (e.g. an email address
verifier that does a poor job) and after initial setup require little
maintenance with the exception of medium to major application changes.
These behaviors may be harmless bugs, but could lead to some sort of
security risk."
Article Link: http://www.qasec.com/cycle/usingfuzzers.shtml
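
The negative testing described in the quote, as an added example that is not from this post or the QASEC article: a small mutation fuzzer throws valid and invalid data at an email address verifier and reports every input that is accepted but breaks a simple policy. The two verifiers, the policy check and the seed addresses are all constructed for illustration.

```python
import random
import re

SEEDS = ["alice@example.com", "bob.smith+qa@mail.example.org"]  # constructed valid inputs

def weak_verifier(addr):
    # Constructed "poor job" filter: only checks that something surrounds an '@'.
    return re.search(r".+@.+", addr) is not None

STRICT = re.compile(r"[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+")

def strict_verifier(addr):
    # Constructed stricter filter: whole-string match, one '@', length cap.
    return len(addr) <= 254 and STRICT.fullmatch(addr) is not None

def violates_policy(addr):
    # Oracle, independent of both verifiers: properties no accepted address may have.
    return (addr.count("@") != 1
            or len(addr) > 254
            or any(c.isspace() or ord(c) < 0x20 or ord(c) == 0x7F for c in addr))

def mutate(seed, rng):
    pos = rng.randrange(len(seed) + 1)
    choice = rng.randrange(5)
    if choice == 0:   # insert whitespace or a control character
        return seed[:pos] + rng.choice("\r\n\t \x00") + seed[pos:]
    if choice == 1:   # insert an extra '@'
        return seed[:pos] + "@" + seed[pos:]
    if choice == 2:   # oversized input
        return "a" * 300 + seed
    if choice == 3:   # drop one character
        return seed[:pos] + seed[pos + 1:]
    return seed       # valid data goes through unchanged

def fuzz(verifier, seeds, rounds=500, rng_seed=1):
    # Fixed RNG seed so a finding can be reproduced in a later QA run.
    rng = random.Random(rng_seed)
    findings = set()
    for _ in range(rounds):
        case = mutate(rng.choice(seeds), rng)
        if verifier(case) and violates_policy(case):
            findings.add(case)
    return sorted(findings)

if __name__ == "__main__":
    for name, verifier in (("weak", weak_verifier), ("strict", strict_verifier)):
        results = fuzz(verifier, SEEDS)
        print(f"{name}: {len(results)} accepted inputs violate policy")
        for case in results[:5]:
            print("   ", repr(case[:60]))
```

Once the seeds and the policy check are written, the same run can be repeated on every build, which is the low-maintenance property the quote mentions.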