Uncovering vulnerabilities in Cryptographic libraries: Mayhem, Matrixssl, and WolfSSL

Introduction

As part of a recent initiative at ForAllSecure to analyze more open source software with Mayhem, a next-generation fuzzing solution, we decided to investigate some cryptographic libraries.

Read More

ForAllSecure Uncovers Critical Vulnerabilities in Das U-Boot

Introduction

This summer, I utilized ForAllSecure Mayhem, a next-generation fuzz testing solution, to analyze software that are heavily used. I felt these types of components in particular deserve more scrutiny from a security perspective. It is often believed that software that is frequently reused is more secure, because it has been reviewed..

Read More

Analyzing Matio and stb_vorbis Libraries with Mayhem

At ForAllSecure, our mission is to help developers find critical bugs in their software quicker, easier, and faster than standard development practices and tools. To facilitate this mission, we have looked to the open source world for exemplar software we can analyze with our next-generation fuzzer Mayhem, in order to get a stronger sense of..

Read More

ForAllSecure Uncovers Vulnerability in Netflix DIAL Software

Introduction

This month, as interns at ForAllSecure, we participated in a contest to test the beta version of Mayhem on various open source projects. If you’re not familiar with Mayhem, it’s a software security tool that uses next-generation fuzzing, a patented technique that combines guided fuzzing and symbolic execution, to uncover defects in..

Read More

Stay Connected

Information Management Today

Subscribe to updates