Mattermost End-to-End Encryption Plugin

This blog post introduces a plugin that provides end-to-end encryption (E2EE) to Mattermost.

more ...

Internship Offers for the 2021-2022 Season

It's time to open Quarkslab internships season! This year, we offer new internships related to software and hardware security. Quarkslab team is always pleased to welcome new talents who want to work on complex security research subjects. If you want to face new challenges and work in a dynamic environment where curiosity and teamwork are at the heart of our way to do R&D, please apply!

more ...

kdigger: a Context Discovery Tool for Kubernetes

This article is an introduction to Kubernetes security through the presentation of a new context discovery tool. It was built in reaction to the capture the flag challenge of the Europe 2021 KubeCon Cloud-Native Security Day CTF. We open-sourced the tool, named kdigger, on Github.

more ...

Introducing QBDL: how to run the NVIDIA NGX SDK under Linux

This blog post introduces QBDL (QuarkslaB Dynamic Loader) as well as a use case which runs NVIDIA NGX SDK under Linux. You can take a look at the project on Github: https://github.com/quarkslab/QBDL .

more ...

A virtual journey: From hardware virtualization to Hyper-V's Virtual Trust Levels

A step by step approach to reverse engineer Hyper-V and have a low level insight into Virtual Trust Levels.

more ...

Hello Rewind, meet world

How to perform snapshot-based coverage-guided fuzzing on Windows kernel components using Rewind, a tool we have just published on Github.

more ...

Guided tour inside WinDefender’s network inspection driver

This article describes how Windows Defender implements its network inspection feature inside the kernel through the use of WFP (Windows Filtering Platform), how the device object’s security descriptor protects it from being exposed to potential vulnerabilities and details some bugs I found. As a complement to this post, a small utility is released to test the different bugs.

more ...

RFID: Monotonic Counter Anti-Tearing Defeated

Tear-off techniques to the next level.

more ...

Audit of Session Secure Messaging Application

Oxen mandated Quarkslab to perform an audit of their instant messaging solution Session . This application, forked from Signal, aims to improve users privacy by using an onion routing mechanism . This mechanism differs from Tor's one by requiring a deposit in their own cryptocurrency to operate a Service Node (Snode ), the Oxen equivalent of a Tor Entry, Relay or Exit Node. While reviewing the architecture of this solution, we found some issues and provided recommendations to improve parts of the implementations.

more ...

Remote Denial-of-Service on CycloneTCP : CVE-2021-26788

This post is a quick vulnerability report summary for a vulnerability we found while fuzzing the TCP/IP stack CycloneTCP.

more ...