Android Application Diffing: Analysis of Modded Version

This blog post is about detecting modifications between genuine and repackaged applications.

more ...

An overview of macOS kernel debugging

This is the first of two blog posts about macOS kernel debugging. Here, we introduce what kernel debugging is, explain how it is implemented for the macOS kernel and discuss the limitations that come with it; in the second post, we will present our solution for a better macOS debugging experience.

more ...

Android Application Diffing: CVE-2019-10875 Inspection

This blog post is about examining an Android security patch and understanding how it mitigates the vulnerability.

more ...

Development of a training ECU

In this article we describe how we created a low cost training Electronic Control Unit (ECU) that can be attacked at will, without damaging a real car. The whole project is open-source on Quarkslab's github page.

more ...

Android Application Diffing: Engine Overview

This blog post is about how to efficiently spot code mutations between distinct versions of an Android application.

more ...

Reverse-engineering Broadcom wireless chipsets

Broadcom is one of the major vendors of wireless devices worldwide. Since these chips are so widespread they constitute a high value target to attackers and any vulnerability found in them should be considered to pose high risk. In this blog post I provide an account of my internship at Quarkslab which included obtaining, reversing and fuzzing the firmware, and finding a few new vulnerabilities.

more ...

Android Runtime Restrictions Bypass

This blog post is about techniques to disable Android runtime restrictions

more ...

Defeating NotPetya from your iLO

NotPetya is a variant of the Petya ransomware that appeared in June 2017 in Ukraine. These malwares have the particularity to rewrite the MBR of computers that are still using an old fashioned BIOS-based booting system. This MBR encrypts the Master File Table (MFT) of the underlying NTFS partition systems.

more ...

Reverse Engineering a Philips TriMedia CPU based IP camera - Part 2

Second part of a blog post series about our approach to reverse engineer a Philips TriMedia based IP camera.

more ...

Reverse Engineering a Philips TriMedia CPU based IP camera - Part 1

First part of a blog post series about our approach to reverse engineer a Philips TriMedia based IP camera.

more ...