Reverse Engineering a Philips TriMedia CPU based IP Camera - Part 3

Third part of a blog post series about our approach to reverse engineer a Philips TriMedia based IP camera.

more ...

A Deep Dive Into Samsung's TrustZone (Part 2)

In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.

more ...

A Deep Dive Into Samsung's TrustZone (Part 1)

In this first article of a series of three, we will give a tour of the different components of Samsung's TrustZone, explain how they work and how they interact with each other.

more ...

A Glimpse Into Tencent's Legu Packer

Analysis of Tencent Legu: a packer for Android applications.

more ...

Irma Past and Future

A retrospective on the 3 past years of development and an introduction to the future of Irma, our File Analysis Solution.

more ...

CM Browser: HTTPS URL Leak

This blog post presents a vulnerability which affects the widely installed Android web browser.

more ...

EEPROM: When Tearing-Off Becomes a Security Issue

We will demonstrate how we can recover the password and memory content of RFID tags by carefully cutting the power source during EEPROM writes.

more ...

Analysis of Qualcomm Secure Boot Chains

Qualcomm is the market-dominant hardware vendor for non-Apple smartphones. Considering the [SoCs] they produce are predominant, it has become increasingly interesting to reverse-engineer and take over their boot chain in order to get a hold onto the highest-privileged components while they are executing. Ultimately, the objective is to be able to experiment with closed-source and/or undocumented components such as hardware registers or Trusted Execution Environment Software.

more ...

Quarkslab Internship Offers for 2019-2020

It's time to open Quarkslab internships season! This year, we offer 5 new internships, most of which are linked to binary analysis related research topics but have a look, there is more! Quarkslab team is always pleased to welcome new talents who want to work on complex security research subjects. If you love binaries, want to face new challenges and work in a dynamic environment where curiosity and teamwork are at the heart of our way to do R&D, please apply!

All internships will take place in our main office in Paris, France (and one in Rennes also). If you are coming from abroad, you will need a proper visa to be with us. At Quarkslab, we encourage remote work, but that does not apply to internships.

Last but not least, we usually train Padawans so that they stay with us once their training period is done, even if that does not mean the training is over :)

more ...

Exploring Execution Trace Analysis

Off-line dynamic trace analysis offers a number of advantages, which are illustrated in this blog post through several examples using internal tools we specially developed to automate trace collection and analysis.

more ...