Epona and the Obfuscation Paradox: Transparent for Users, a Pain for Reversers

This blog post demonstrates through an example how the Epona obfuscating compiler, from the Epona Application Protection Suite, achieves the challenge of facilitating the everyday experience of its users while enabling better obfuscation schemes trade-offs.

more ...

Obfuscating Java bytecode with LLVM and Epona

In this article I describe my two-months summer internship project at Quarkslab: obfuscating Java bytecode using the [Epona] Code Obfuscator. This article explains our approach, its advantages and limitations.

more ...

Spectre is not a Bug, it is a Feature

What happens if one builds up on the Spectre vulnerability to implement a convoluted version of memcpy? From an obfuscator point-of-view, it unleashes a wide range of opportunities, which turn a definite bug into a fun[nk]y feature.

more ...

Mistreating Triton

Some experiments to mistreat the Triton concolic execution framework through simple forged C programs.

more ...

PhD defense of Ninon Eyrolles: Obfuscation with Mixed Boolean-Arithmetic Expressions: Reconstruction, Analysis and Simplification Tools


goto llvm_dev_meeting;

Quarkslab's compiler crew is going to LLVM developer Meeting in CA!

more ...

What theoretical tools are needed to simplify MBA expressions?

Mixed Boolean-Arithmetic expressions can be used as an obfuscation technique. Why are they hard to de-obfuscate, and what do we need to do so?

more ...

Turning Regular Code Into Atrocities With LLVM: The Return

Where a simple xor gets transformed beyond what it ever thought

more ...

Turning Regular Code Into Atrocities With LLVM

A "hands-on" introduction to LLVM passes through obfuscation.

more ...

Deobfuscation: recovering an OLLVM-protected program

We recently looked at the Obfuscator-LLVM project in order to test its different protections. Here are our results, and explanations on how we deal with obfuscation.

more ...