Fuzzing, or fuzz testing is an automated testing technique for computer programs. For various reasons it has become increasingly common to use this technology. This report will first describe why there is a need for a fuzzer that can test several applications in a domain. Then, it explains the important elements of a fuzzer and how to implement them. Finally we will test our own implementation of a fuzzer, DWAF, on a number of web applications, which clearly shows that it is able to find many SQL-injections and XSS bugs.