If you check out the demo you see all of the options available to fuzz:
Number of characters - This inserts between 1 and 10 characters in the chosen position
Character position - The string position of the characters chosen. E.g. if you choose â€œ0â€³ then the â€œjâ€ will be replaced or appended.
Replace character - Simply replaces the character rather than add characters to the position.
Url encode - Urlencodes the vector before outputting the link.
HTML hex entity encode - Instead of output the character, it uses the HTML hex entity instead.
HTML dec entity encode - Instead of output the character, it uses the HTML decimal entity instead.
Semi-colons - Adds a semi-colon if HTML entities are used.
Random zero fill - Adds a bunch of random zeros if entities are used.
Start from - Is the starting character to begin the fuzz. E.g â€œ0â€³ is null
He has also found interesting results in various browsers such as:
Posted by Dion Almaer at 11:07 am