Mayhem Case Studies

If you are using Circle CI for your build pipelines, you can now scan your APIs for security vulnerabilities by adding Mayhem's official orb.

Learn to "test like a hacker” by testing with the goal of generating exploitable defects, then using those to inform remediation efforts.

ForAllSecure hosted a hackathon at Arizona State University where 181 students, including Vishnu Prateek Kakaraparthi, participated as part of the Mayhem Heroes program.

The LockBit ransomware gang no longer offers just one service, like ransomware, but multiple services, like anti-analysis tools and bug bounty programs. Mick Baccio from Splunk’s SURGe explains how ransomware gangs are evolving into crimeware-as-a-service platforms, as one stop shop for all your online criminal needs.

Try API fuzzing with the Swagger Petstore API, a stand-alone REST API server that implements the OpenAPI 3 Specification. Learn how to fuzz the Pestore API!

Learn how to improve successful coverage with Mayhem for API by adding or refining schemas in the spec to generate structurally valid payloads.

ForAllSecure hosted a hackathon at Arizona State University where 181 students, including Bailey Capuano, participated as part of the Mayhem Heroes program.

Lighttpd is an open-source web server optimized for speed with considerations for compliance, security, and flexibility. Lighttpd 1.4.15 had a few vulnerabilities that have since been patched. Let's use Mayhem to sniff out those bugs.

Once authentication is configured, the next step is to ensure that Mayhem for API is able to successfully cover as much of your API as possible.