In this chapter, we discussed fuzzing. We started by understanding the basics and the value it adds when performing a penetration testing of a web application. We saw the two major types of fuzzing techniques and the different types of applications it can be applied to. We then moved on to fuzzing frameworks and identified the different steps involved when fuzzing. Web applications should be extensively tested through fuzzing, as it can reveal some hidden vulnerabilities that are over looked while manually testing the application. We also saw how to use the Burp intruder to fuzz a web application.

With this, we come to the end of our journey. I hope this book has provided you ideas that can help you perform a penetration test of a web application. ...