A Deep Dive Into Samsung's TrustZone (Part 2)

In this second blog post of our series on Samsung's TrustZone, we present the various tools that we have developed during our research to help us reverse engineer and exploit Trusted Applications as well as Secure Drivers.


A Deep Dive Into Samsung's TrustZone (Part 1)

In this first article of a series of three, we will give a tour of the different components of Samsung's TrustZone, explain how they work and how they interact with each other.


A Glimpse Into Tencent's Legu Packer

Analysis of Tencent Legu: a packer for Android applications.


CM Browser: HTTPS URL Leak

This blog post presents a vulnerability affecting CM Browser, a widely installed Android web browser.


QBDI 0.7.0

This blog post introduces the release of QBDI v0.7.0 as well as an Android use case.


Android Native Library Analysis with QBDI

This blog post deals with QBDI and how it can be used to reverse engineer an Android JNI library.


Android Application Diffing: Analysis of Modded Version

This blog post is about detecting modifications between genuine and repackaged applications.


Android Application Diffing: CVE-2019-10875 Inspection

This blog post is about examining an Android security patch and understanding how it mitigates the vulnerability.


Android Application Diffing: Engine Overview

This blog post is about how to efficiently spot code mutations between distinct versions of an Android application.


Android Runtime Restrictions Bypass

This blog post is about techniques to disable Android runtime restrictions.
