RFuzz - The Web Fuzzer Tool

RFuzz is a Ruby library to easily test web applications from the outside using a fast HttpClient and wicked evil RandomGenerator allowing the average programmer to use advanced fuzzing techniques for just pennies a day.

Fuzzing is a powerful tool for cheaply cranking out inputs which will break your web application in unexpected ways. Yet, RFuzz isn’t limited to only fuzzing.

RFuzz’s arsenal of tools means that you can test a web application starting at the dumbest level (raw random HTTP), and work your way up to carefully crafted tests to exploit commonly found flaws.

It’s not limited to random testing or security testing at all since the HttpClient and Session are able to do regular testing you’d normally do with Mechanize instead. Combined with Hpricot and you get a fast HTML validation suite as well as HTTP based testing.

Typically fuzzing is only used on projects that have a dedicated testing budget. A main goal of RFuzz is to make it so easy to write external fuzzing tests that every project can create and maintain a full testing suite cheaply.