Blog Back to all stories

Follow and Subscribe

Jonathan Foote

Security Engineer
June 29

Hijacking the control flow of a WebAssembly program

While WebAssembly has already proven a fertile attack surface for the browser, as more web application code moves to WebAssembly from Javascript there will be a need to research and secure…

May 31

How to bootstrap self-service continuous fuzzing

OSS-Fuzz is an innovative project that is both advancing the state of the art in OSS security engineering and immediately improving the overall quality of the software that serves the…

July 21

How to fuzz a server with American Fuzzy Lop

In this blog post, I'll describe how to use AFL's experimental persistent mode to blow the doors off of a server without having to make major modifications to the server's codebase. I've…