Fuzz-Testing Rails Apps with Tarantula 5.0 http://spkr8.com/t/221

Description:

Tarantula is a Rails plugin for doing easy, repeatable fuzz testing of Rails applications. Tarantula crawls your application, supplying random inputs at every turn and looking for signs of trouble. It can be used to regularly check for many kinds of error handling issues, cross-site scripting and SQL injection vulnerabilities, and more mundane things like invalid HTML. This talk will discuss how Tarantula works, how to use it, and how to make it a regular part of your testing strategy.

I'll discuss the various kinds of problems that Tarantula can help you detect. I'll explain how to install Tarantula, how to configure it for various kinds of testing, and how to interpret (and react to) its output. Finally, I'll discuss how to make it a regular part of your automated testing regimen.

Comments on this Talk

David Medinets, 21 Feb 09:25 PM

I wonder how my own app will respond to Tarantula attacks.

1 Rating: 5.00

Delivery: 5.00

Content: 5.00

Time & Location

February 21, 2009 — 01:30 PM
Durham, NC