Tag: fuzzing

11 articles
Date Fri 25 October 2024
Author Baptiste Boyer
Category Fuzzing

This blog post presents our fuzzer for the Bluetooth Low Energy GATT layer and the related vulnerabilities found with it.

Date Thu 03 October 2024
Author Célian Glénaz
Category Cryptography

Following a brief introduction to differential fuzzing, this blog post reviews the leading tools that leverage it for testing cryptographic primitives. In the second half, we present a method for creating a differential fuzzer along with the results we obtained.

Date Thu 18 April 2024
Author Thiébaud Fuchs
Category Hardware

In this blog post, we present Hydradancer, a new board for Facedancer based on HydraUSB3 that allows faster USB peripheral emulation.

Date Tue 29 August 2023
Author Carlo Ramponi
Category Reverse-Engineering

This blog post presents an overview of Starlink's User Terminal runtime internals, focusing on the communications that happen within the device and with user applications, and some tools that can help further research on the same topic.

Date Wed 17 May 2023
Authors Robin David, Christian Heitman
Category Fuzzing

In this blog post we present PASTIS, a Python framework for ensemble fuzzing, developed at Quarkslab.

Date Thu 27 April 2023
Author Eric Le Guevel
Category Android

This article is about greybox fuzzing of userland targets that can be encountered in Android using AFL++ and its Frida mode. We also discuss how to target JNI functions, to test the native features invoked by Java code.

Date Fri 31 March 2023
Authors Sébastien Rolland, Mahé Tardy
Category Vulnerability

This article provides a brief overview of how Microsoft Open Management Infrastructure (OMI) works, as well as two vulnerabilities that the Quarkslab Cloud team identified through fuzzing techniques.

Date Thu 11 August 2022
Authors Damiano Melotti, Maxime Rossi Bellom
Category Android

Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip.

Date Tue 20 July 2021
Author Damien Aumaitre
Category Fuzzing

How to perform snapshot-based coverage-guided fuzzing on Windows kernel components using Rewind, a tool we have just published on GitHub.

Date Tue 13 April 2021
Authors Robin David, Paul Hernault, Jonathan Salwan
Category Vulnerability

This post is a quick summary of the vulnerability report for a vulnerability we found while fuzzing the CycloneTCP TCP/IP stack.