In 2014, QuarksLab was missioned by OpenITP [1] to audit the iOS application ChatSecure and to identify any weakness that could lead to information leakage or any other risk that could impact the user.

Triton is a Pin-based concolic execution framework which provides some advanced classes to perform DBA.

Where a simple xor gets transformed beyond what it ever thought

One month ago, we launched a development challenge. Here come the results.

Contribute to IRMA and enter for your chance to win a free ticket to Amsterdam to attend the HITB security conference.

A modest comparison between two ways of storing our unstructured data, from MongoDB to Elasticsearch.

IRMA (Incident Response & Malware Analysis) is a multi-scanner framework for identifying and analyzing suspicious files. In this article, we describe, step by step, how one can contribute to this open-source project by integrating his own analyzer.

A "hands-on" introduction to LLVM passes through obfuscation.

We recently looked at the Obfuscator-LLVM project in order to test its different protections. Here are our results, and explanations on how we deal with obfuscation.

UPDATE: A way to patch the vulnerability is provided at the end of the article. We explain a vulnerability found when the Samsung Galaxy S5 was released and patched recently by Samsung. It allows a remote attacker to install an arbitrary application by using an unsecure update mechanism implemented in the UniversalMDMClient application related to the Samsung KNOX security solution. The vulnerability has been patched on the Samsung Galaxy S5 but also Note 4 and Alpha. Yet the Samsung Galaxy S4, S4 mini, Note3 and Ace 4 (and possibly others) are still vulnerable.