Spectre is not a Bug, it is a Feature

What happens if one builds on the Spectre vulnerability to implement a convoluted version of memcpy? From an obfuscator's point of view, it opens up a wide range of opportunities, which turn a definite bug into a fun[nk]y feature.


Mistreating Triton

Some experiments to mistreat the Triton concolic execution framework through simple forged C programs.


PhD defense of Ninon Eyrolles: Obfuscation with Mixed Boolean-Arithmetic Expressions: Reconstruction, Analysis and Simplification Tools


goto llvm_dev_meeting;

Quarkslab's compiler crew is going to the LLVM Developers' Meeting in CA!


What theoretical tools are needed to simplify MBA expressions?

Mixed Boolean-Arithmetic expressions can be used as an obfuscation technique. Why are they hard to de-obfuscate, and what do we need to do so?


Turning Regular Code Into Atrocities With LLVM: The Return

Where a simple xor gets transformed beyond what it ever thought


Turning Regular Code Into Atrocities With LLVM

A "hands-on" introduction to LLVM passes through obfuscation.


Deobfuscation: recovering an OLLVM-protected program

We recently looked at the Obfuscator-LLVM project in order to test its different protections. Here are our results, and explanations of how we deal with obfuscation.


Building an obfuscated Python interpreter: we need more opcodes

Where building a custom obfuscated Python interpreter for a Python packer turned into an optimized Python interpreter.
