A glimpse of ext4 filesystem-level encryption

Linux 4.1 has arrived with a new feature for its popular ext4 filesystem: filesystem-level encryption!

more ...

Why 2FA would not have saved HT?

Nowadays, two-factor authentication is unavoidable. This blogpost details a vulnerability found in the implementation of a YubiKey OTP verification server.

more ...

Security assessment of instant messaging app ChatSecure: when privacy matters

In 2014, QuarksLab was missioned by OpenITP to audit the iOS application ChatSecure and to identify any weakness that could lead to information leakage or any other risk that could impact the user.

more ...

Triton under the hood

Triton is a Pin-based concolic execution framework which provides some advanced classes to perform DBA.

more ...

Turning Regular Code Into Atrocities With LLVM: The Return

Where a simple xor gets transformed beyond what it ever thought

more ...

HiTB Challenge: IRMA - Results

One month ago, we launched a development challenge. Here come the results.

more ...

HiTB Challenge: IRMA

Contribute to IRMA and enter for your chance to win a free ticket to Amsterdam to attend the HITB security conference.

more ...

MongoDB vs. Elasticsearch: The Quest of the Holy Performances

A modest comparison between two ways of storing our unstructured data, from MongoDB to Elasticsearch.

more ...

Writing your own Analyzer for the Open-Source Multi-Scanner IRMA

IRMA (Incident Response & Malware Analysis) is a multi-scanner framework for identifying and analyzing suspicious files. In this article, we describe, step by step, how one can contribute to this open-source project by integrating his own analyzer.

more ...

Turning Regular Code Into Atrocities With LLVM

A "hands-on" introduction to LLVM passes through obfuscation.

more ...