Mayhem Blog

Expert insights and tips on application security, API security, and other DevSecOps topics.

View All
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
What’s New: August 2024
No items found.

What’s New: August 2024

We’ve improved import/export capabilities, refined our analysis of Windows targets, and launched the first iteration of automated defect tracking.
Why Automotive Developers Shouldn't Overlook Application Fuzzing

Why Automotive Developers Shouldn't Overlook Application Fuzzing

This blog post will explore why application fuzzing is important and how it can complement protocol fuzzing in automotive development.
How to Test Embedded Systems Security Easily with Mayhem

How to Test Embedded Systems Security Easily with Mayhem

In this blog post, we will demonstrate how Mayhem can be used to easily set up fuzzing campaigns in embedded systems, using IoTGoat’s dnsmasq as an example.
Lessons from Today’s CrowdStrike Outage: How to Navigate Software Release Challenges

Lessons from Today’s CrowdStrike Outage: How to Navigate Software Release Challenges

Let’s talk about the challenges of delivering global scale software and the things engineering teams can do to improve reliability.
Meet the Mayhem Team at Blackhat 2024

Meet the Mayhem Team at Blackhat 2024

We’re excited to announce that Mayhem will be attending and will have a booth at Black Hat 2024. We look forward to connecting with you!
Finding FireWire (IEEE 1394) Vulnerabilities: CVE-2023-3159 and CVE-2024-27401

Finding FireWire (IEEE 1394) Vulnerabilities: CVE-2023-3159 and CVE-2024-27401

Testing low-level code such as IEEE 1394 (FireWire) can be a challenge. The solution lies in extracting kernel functions and testing them like unit tests.
CVE-2024-28578: Test Third-Party Image Libraries With Mayhem

CVE-2024-28578: Test Third-Party Image Libraries With Mayhem

Learn how to test third-party image libraries with Mayhem, using CVE-2024-28578 - an exploitable vulnerability in the FreeImage library - as an example.
Building a Time Machine: Testing Debian Packages Across Time

Building a Time Machine: Testing Debian Packages Across Time

In this blog post, we’re going to attempt to use Debian and its packages to build a mini time machine and investigate the vulnerability of packages across time.
CAN Bus vs. Ethernet

CAN Bus vs. Ethernet

In this blog, we’ll do a quick comparison of CAN vs. Ethernet and go over some of the strengths and weaknesses of both in the context of automotive systems.

How about some Mayhem in your inbox?

Subscribe to our monthly newsletter for expert insights and news on DevSecOps topics, plus Mayhem tips and tutorials.

By subscribing, you're agreeing to our website terms and privacy policy.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.