Posted by: Anonymous
on July 26, 2007 06:34 PM
First, I am happy that you made an article about this showing how to use fuzz testers. Second, I'd like to correct you on a few points. Fuzz testing has been around for years -- at least since 1989 when it was demonstrated at UW-Madison by Barton Miller. So it's not the biggest thing it IT security in quite a while because it's been around for nearly 20 years. The original program was called fuzz and it's still in use but zzuf came around with a following and new features and I applaud Sam for his efforts and hope he continues to develop an advanced fuzz tester/testing suite.
Also, please don't blame users for bad input in forms which should be developed to only accept certain types of data. There are many better examples of stupid user input.