Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

The Hacker Mind Podcast: Stopping the Mirai IoT Botnet, One CnC Server At A Time

In 2016, the Mirai IoT botnet shut down part of the internet, yet variations still plague us today. Maybe our current approach to IoT botnets isn’t working? Ali Davanian and Ahmad Darki join the Hacker Mind podcast to discuss their Black Hat USA 2021 talk and their tool, CnCHunter.
Generating a Tiny Test Suite with Greedy Set Cover Minimization

No one likes waiting for regression tests to run. Maintaining the smallest regression test suite that still covers all the code makes sure your software pipeline is as fast as possible. In addition, when running a fuzzing campaign to find bugs, a smaller initial test suite (aka "corpus" or "seeds") typically improves fuzzing efficiency. In this article, we describe an algorithm that gives you a 2.7x improvement.
The FuzzCon 2021 Real Talks Panel

In August 2021, Dr James Ransome hosted the Fuzzing Real Talks at FuzzCon 2021. Ransome was joined by industry experts Anmol Misra of Autodesk, Larry Maccherone of Contract Security, Damilare D. Fagbemi of Resilient Software Security, and Jeff Costlow of Extrahop Networks.
Fuzz in Your Language, Fuzzer, or Architecture!

At ForAllSecure, we’re all about fuzzing and making it easier for customers to quickly fuzz and secure their applications. That’s why we’ve gone ahead and compiled a catalog of tutorial fuzzing targets written and compiled using several different languages (and architectures) like C/C++, Python, Go, Rust, Java and many others!
The Fundamentals of Fuzz Testing

Organizations are increasingly adopting more security practices to ensure the quality and robustness of their applications. One of the challenges that remain unaddressed is finding unknown or zero-day vulnerabilities.
The Hacker Mind Podcast: Surviving Stalkerware

What role does technology play in facilitating intimate partner abuse? What role might the security industry have in identifying or even stopping it? Lodrina Cherne and Martijn Grooten join The Hacker Mind podcast to discuss their 2021 Black Hat USA talk.
Can Application Security Testing Be Fixed?

In August 2021, Brook S. E. Schoenfield -- Author, Passionate Security Architect, and Curious Questioner of Assumptions -- challenged whether application security can be fixed at FuzzCon 2021. Schoenfield observed and boldly called out that breaches not only continue to roll in, but the cadence continues to increase.
The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

PPP wanted to give their past high school selves the infosec education they didn’t have. But if you think picoCTF is only for HS students, think again.
FuzzCon 2021 Addresses Ease-of-Use in Fuzz Testing

In August 2021, ForAllSecure held its second annual FuzzCon. FuzzCon seeks to bring together technical experts and industry leaders across various sectors to share fuzz testing knowledge. Our ultimate vision for FuzzCon is to be a key source for connecting people with knowledge and fellow enthusiasts.
