Category: Program Analysis

12 articles
Date Thu 12 October 2023
Authors Roxane Cohen, Robin David, Riccardo Mori
Category Program Analysis

This blog post presents an overview of QBinDiff, the Quarkslab binary diffing tool officially released today. It describes its core principles and shows how it works on binaries as well as on general graph matching problems unrelated to IT security.

Date Tue 02 May 2023
Authors Robin David, Christian Heitman
Category Program Analysis

We present TritonDSE, a new tool by Quarkslab. TritonDSE is a Python library, built on top of Triton, that provides easy and customizable Dynamic Symbolic Execution capabilities for binary programs.

Date Thu 22 September 2022
Author Alexis Challande
Category Program Analysis

Quarkslab is open-sourcing Quokka, a binary exporter to manipulate a program's disassembly without a disassembler. This blog post introduces the project, details some parts of its inner workings, and showcases some potential usages. Quokka enables users to write complex analyses on a disassembled binary without dealing with the disassembler API.

Date Thu 25 June 2020
Authors Christian Heitman, Jonathan Salwan
Category Program Analysis

This blog post is a follow-up on the announcement of Triton v0.8, where we explain how we added support for ARMv7 and provide a guideline for adding new architectures.

Date Thu 03 October 2019
Author Luigi Coniglio
Category Program Analysis

Off-line dynamic trace analysis offers a number of advantages, which are illustrated in this blog post through several examples using internal tools we specially developed to automate trace collection and analysis.

Date Tue 24 September 2019
Authors Robin David, Alexis Challande
Category Program Analysis

This blog post presents a comparison between various disassembled binary exporters.

Date Thu 12 July 2018
Author Jonathan Salwan
Category Program Analysis

This micro blog post introduces our research regarding symbolic deobfuscation of virtualized hash functions in collaboration with the CEA and VERIMAG.

Date Thu 25 January 2018
Author Paul Hernault
Category Program Analysis

This article aims to presentby analyzing an obfuscated binary using QBDI, thus showcasing some of the nice features it offers. This blog post was written last year during my internship at Quarkslab, where I discovered the wonderful (but not so simple) world of Dynamic Binary Instrumentation.

Date Thu 07 September 2017
Authors Serge Guelton, Jonathan Salwan
Category Program Analysis

Some experiments to mistreat the Triton concolic execution framework through simple forged C programs.