Irma Past and Future

A retrospective on the 3 past years of development and an introduction to the future of Irma, our File Analysis Solution.

more ...

CM Browser: HTTPS URL Leak

This blog post presents a vulnerability which affects the widely installed Android web browser.

more ...

EEPROM: When Tearing-Off Becomes a Security Issue

We will demonstrate how we can recover the password and memory content of RFID tags by carefully cutting the power source during EEPROM writes.

more ...

Analysis of Qualcomm Secure Boot Chains

Qualcomm is the market-dominant hardware vendor for non-Apple smartphones. Considering the [SoCs] they produce are predominant, it has become increasingly interesting to reverse-engineer and take over their boot chain in order to get a hold onto the highest-privileged components while they are executing. Ultimately, the objective is to be able to experiment with closed-source and/or undocumented components such as hardware registers or Trusted Execution Environment Software.

more ...

Quarkslab Internship Offers for 2019-2020

It's time to open Quarkslab internships season! This year, we offer 5 new internships, most of which are linked to binary analysis related research topics but have a look, there is more! Quarkslab team is always pleased to welcome new talents who want to work on complex security research subjects. If you love binaries, want to face new challenges and work in a dynamic environment where curiosity and teamwork are at the heart of our way to do R&D, please apply!

All internships will take place in our main office in Paris, France (and one in Rennes also). If you are coming from abroad, you will need a proper visa to be with us. At Quarkslab, we encourage remote work, but that does not apply to internships.

Last but not least, we usually train Padawans so that they stay with us once their training period is done, even if that does not mean the training is over :)

more ...

Exploring Execution Trace Analysis

Off-line dynamic trace analysis offers a number of advantages, which are illustrated in this blog post through several examples using internal tools we specially developed to automate trace collection and analysis.

more ...

An Experimental Study of Different Binary Exporters

This blog post presents a comparison between various disassembled binary exporters.

more ...

Epona and the Obfuscation Paradox: Transparent for Users, a Pain for Reversers

This blog post demonstrates through an example how the Epona obfuscating compiler, from the Epona Application Protection Suite, achieves the challenge of facilitating the everyday experience of its users while enabling better obfuscation schemes trade-offs.

more ...

QBDI 0.7.0

This blog post introduces the release of QBDI v0.7.0 as well as an Android use case.

more ...

Weisfeiler-Lehman Graph Kernel for Binary Function Analysis

In this blogpost, we present a general method to efficiently compare functions from a new binary against a large database (made of numerous known functions). This method has strong theoretical properties and is perfectly suited to address many conventional problems, such as classification, clustering or near duplicate detection.

more ...