Introducing QBDL: how to run the NVIDIA NGX SDK under Linux

This blog post introduces QBDL (QuarkslaB Dynamic Loader) as well as a use case which runs NVIDIA NGX SDK under Linux. You can take a look at the project on Github: https://github.com/quarkslab/QBDL .

more ...

Audit of Session Secure Messaging Application

Oxen mandated Quarkslab to perform an audit of their instant messaging solution Session . This application, forked from Signal, aims to improve users privacy by using an onion routing mechanism . This mechanism differs from Tor's one by requiring a deposit in their own cryptocurrency to operate a Service Node (Snode ), the Oxen equivalent of a Tor Entry, Relay or Exit Node. While reviewing the architecture of this solution, we found some issues and provided recommendations to improve parts of the implementations.

more ...

Ansible Security Assessment

Ansible is an open-source software automating configuration management and software deployment. Ansible is used in Quarkslab to manage our infrastructure and in our product Irma. In order to have an idea of the security of Ansible, we conducted a security assessment. This blogpost presents our findings.

more ...

Irma Past and Future

A retrospective on the 3 past years of development and an introduction to the future of Irma, our File Analysis Solution.

more ...

No Tears, No Fears

Cappsule was released a few weeks ago and we're happy of the positive attention received. However, relying on a custom hypervisor make its usage quite difficult across various distros. This blogpost explains how the same goals can be achieved on Linux with usual software. Impatient readers can directly checkout NoFear's GitHub.

more ...

On the fly virtualization with Cappsule

At Quarkslab, we don't only break software and exploit vulnerabilities, we also try to create innovative and efficient solutions to counter them. Cappsule is one of those solutions.

more ...

Arybo: cleaning obfuscation by playing with mixed boolean and arithmetic operations

Obfuscation is made of many different tricks. One we meet very often is mixed instructions who make computations mixing usual arithmetic (ADD, SUB, MUL, DIV) and boolean one (XOR, AND, NOT, OR). All tools get lost when it comes to cleaning this kind of very messy blocks of instructions, and that is why we designed Arybo. With Arybo, analyzing such expressions become way more easy.

more ...

IRMA v1.3.0

This post deals with the new features in IRMA 1.3.0 released earlier this month, from both a user and a contributor point of view.

more ...

Writing your own Analyzer for the Open-Source Multi-Scanner IRMA

IRMA (Incident Response & Malware Analysis) is a multi-scanner framework for identifying and analyzing suspicious files. In this article, we describe, step by step, how one can contribute to this open-source project by integrating his own analyzer.

more ...