DevX: Detect Your Web Application's Vulnerabilities Early with Ruby
Jan 31, 2007, 11:30 (0 Talkback[s])
(Other stories by Shreeraj Shah)
"Web application fuzzing is a method of detecting a web
application's vulnerabilities prior to deploying the application on
a production system. Users of this approach send several malicious
requests to the application and, based on the responses received,
determine the application's security posture. Users also can apply
fuzzing to perform tests on several different attack vectors such
as SQL, XPATH, and LDAP injection, and error handling.
"This article introduces web application fuzzing, using Ruby
code to show how it works and demonstrate how to implement it. This
example code can serve as a starting point for a framework; you can
build advanced fuzzing software on top of it..."