HiTB Challenge: IRMA

Date Fri 17 April 2015
Author Guillaume Dedrie
Category Challenge

Contribute to IRMA and enter for your chance to win a free ticket to Amsterdam to attend the HITB security conference.

Read article

MongoDB vs. Elasticsearch: The Quest of the Holy Performances

Date Mon 23 March 2015
Author Le Maréchal
Category Software

A modest comparison between two ways of storing our unstructured data, from MongoDB to Elasticsearch.

Read article

Writing your own Analyzer for the Open-Source Multi-Scanner IRMA

Date Mon 23 February 2015
Author kamino
Category Software

IRMA (Incident Response & Malware Analysis) is a multi-scanner framework for identifying and analyzing suspicious files. In this article, we describe, step by step, how one can contribute to this open-source project by integrating his own analyzer.

Read article

Turning Regular Code Into Atrocities With LLVM

Date Mon 02 February 2015
Author Adrien Merlini
Category Programming

A "hands-on" introduction to LLVM passes through obfuscation.

Read article

Deobfuscation: recovering an OLLVM-protected program

Date Thu 04 December 2014
Author Francis Gabriel
Category Reverse-Engineering

We recently looked at the Obfuscator-LLVM project in order to test its different protections. Here are our results, and explanations on how we deal with obfuscation.

Read article

Abusing Samsung KNOX to remotely install a malicious application: story of a half patched vulnerability

Date Tue 11 November 2014
Author André Moulu
Category Android

UPDATE: A way to patch the vulnerability is provided at the end of the article. We explain a vulnerability found when the Samsung Galaxy S5 was released and patched recently by Samsung. It allows a remote attacker to install an arbitrary application by using an unsecure update mechanism implemented in the UniversalMDMClient application related to the Samsung KNOX security solution. The vulnerability has been patched on the Samsung Galaxy S5 but also Note 4 and Alpha. Yet the Samsung Galaxy S4, S4 mini, Note3 and Ace 4 (and possibly others) are still vulnerable.

Read article

Stages et alternances 2014-2015

Date Wed 22 October 2014
Author Fred Raynal
Category Life at Quarkslab

Quarkslab propose plusieurs stages, certains sujets pouvant aussi être aussi traités sous forme d'alternance. Ca touche à des tonnes de domaines : recherche de vuln, analyse de code, crypto, compilation, reconnaissance réseau, malware et réponse à incidents. Bref, il y en a pour tous les goûts.

Read article

Python Challenge: The End

Date Tue 23 September 2014
Author Serge Guelton
Category Challenge

Two weeks ago we proposed a Python CTF with a few tickets to HITB KUL to win. Here come the results!

Read article

You like Python, security challenge and traveling? Win a free ticket to HITB KUL!

Date Thu 04 September 2014
Author Serge Guelton
Category Challenge

If you do not like reverse engineering but still like security challenges, we built one for you. And you can use your brain to get a free entry to HITB KUL: https://conference.hitb.org/hitbsecconf2014kul/

Read article

SCAF - Source Code Analysis Framework based on Clang - Pre-alpha preview

Date Mon 25 August 2014
Author Jonathan Salwan
Category Program Analysis

We recently began to work on source code analysis and the main objective was to easily collaborate on a same analysis. So, we started to develop a framework based on Clang that will be described in this blog post.

Read article