Reversing Windows Container, episode I: Silo

This article presents the internals of Windows Containers.

Debugging Windows Isolated User Mode (IUM) Processes

In this blog post we discuss how to debug Windows' Isolated User Mode (IUM) processes, also known as Trustlets, using the virtual TPM of Microsoft Hyper-V as our target.

Diving into Starlink's User Terminal Firmware

This blog post presents an overview of Starlink's User Terminal runtime internals, focusing on the communications that happen within the device and with user applications and some tools that can help further research on the same topic.

Breaking Secure Boot on the Silicon Labs Gecko platform

In this blog post, we present a new vulnerability in the Gecko Bootloader from Silicon Labs, more precisely inside its OTA parser.

Android Data Encryption in depth

Join us on our journey into modern Android's data encryption at rest, in which we study how it works and assess how resistant it is against attackers with access to a range of high-end software vulnerabilities.

For Science! - Using an Unimpressive Bug in EDK II to Do Some Fun Exploitation

In this blog post we'll see a technique to gain code execution in SMM from a very limited write primitive.

Security audit of Mithril Security BlindAI

Mithril Security engaged Quarkslab to audit BlindAI-preview, now known as BlindAI Core, an open-source confidential computing solution for querying and deploying AI models while guaranteeing data privacy. The goal of the audit was to evaluate BlindAI's resilience against a threat model defined after a review of the latest state of the art.

PASTIS For The Win!

In this blog post we present PASTIS, a Python framework for ensemble fuzzing, developed at Quarkslab.

Introducing TritonDSE: A framework for dynamic symbolic execution in Python

We present TritonDSE, a new tool by Quarkslab. TritonDSE is a Python library, built on top of Triton, that provides easy and customizable Dynamic Symbolic Execution capabilities for binary programs.

Android greybox fuzzing with AFL++ Frida mode

This article is about greybox fuzzing, with AFL++ and its Frida mode, of userland targets encountered on Android. We also discuss how to target JNI functions in order to test the native features invoked by Java code.