Exploring Execution Trace Analysis

Off-line dynamic trace analysis offers a number of advantages, which are illustrated in this blog post through several examples using internal tools we specially developed to automate trace collection and analysis.

more ...

An Experimental Study of Different Binary Exporters

This blog post presents a comparison between various disassembled binary exporters.

more ...

Symbolic Deobfuscation: From Virtualized Code Back to the Original (DIMVA 2018)

This micro blog post introduces our research regarding symbolic deobfuscation of virtualized hash functions in collaboration with the CEA and VERIMAG.

more ...

Slaying Dragons with QBDI

This article aims to present a simple use of our Dynamic Binary Instrumentation framework QBDI which has recently been publicly released following a talk at 34C3. We will resolve, step by step, a CTF challenge by analyzing an obfuscated binary using QBDI, thus showcasing some of the nice features it offers. This blog post was written last year during my internship at Quarkslab, where I discovered the wonderful (but not so simple) world of Dynamic Binary Instrumentation.

more ...

Mistreating Triton

Some experiments to mistreat the Triton concolic execution framework through simple forged C programs.

more ...

Triton under the hood

Triton is a Pin-based concolic execution framework which provides some advanced classes to perform DBA.

more ...

SCAF - Source Code Analysis Framework based on Clang - Pre-alpha preview

We recently began to work on source code analysis and the main objective was to easily collaborate on a same analysis. So, we started to develop a framework based on Clang that will be described in this blog post.

more ...