pappy

After @Coiffeur0x90 found 3 LPEs in Intego antivirus for macOS, @kaluche_ had to check the Windows version too. Spoiler: it was vulnerable. Here's the full write up of a symlink attack to achieve Local Privilege Escalation👇 blog.quarkslab.com/milking-the-la…

Tired of reversing the same libc for the 100th time? 👀 Meet SightHouse, our open-source tool that automatically detects third-party library functions in binaries. High-confidence function mapping. Works with any disassembler. By @Mad5quirrel & Sami. 🔗 blog.quarkslab.com/sighthouse-aut…

The dragon has a VM. Of course it does. Our latest blog walks through the analysis of a complex C++ binary hiding behind a virtual machine, themed as a classic RPG fight. QBDI & TritonDSE are your weapons of choice. The dragon doesn't stand a chance. 🐉 blog.quarkslab.com/qbdi-vs-triton…

Rule 1️⃣ : "In WAF we (should not) trust" Your WAF is doing its best. That's just not enough 😮‍💨 A deep dive into Web Application Firewall bypass techniques, discovering why blocked ⛔ doesn't always mean safe. blog.quarkslab.com/in-waf-we-shou…

"How does it even work?" The question that keeps hackers' hearts pumping, blood pressure rising, and curiosity growing. This is @virtualabs's reverse engineering journey into a cheap smartwatch that measures at least one of those. blog.quarkslab.com/nerd-life-week…

One bit flip to corrupt it all: Exploitation of an old Linux kernel vulnerability using PageJack, a modern technique to create Use After Free bugs. Here @AzazheI shows you how blog.quarkslab.com/pagejack-in-ac…

Another antivirus 🛡️, another unfulfilled promise 😣. @kaluche_ turns Avira's protection into a privilege escalation playground. 3 LPE vectors via symlink abuse (CVE-2026-27748, CVE-2026-27750) and unsafe deserialization (CVE-2026-27749). Find out more: blog.quarkslab.com/avira-deserial…

Vous me fatiguez. Vous me réveillez. Vous me contredisez. Mais sans vous, je ne servirais à rien. Ton RSSI. Celui qui dort peu pour que vous dormiez tous.

À tous. Je prétends vous contrôler. Mais je passe ma vie à vous supplier de coopérer. Je vous appelle "ma stack". Mais vous êtes surtout ma tension artérielle. Je dis “maîtrise des risques”. Je pense “prions pour que ça tienne”.

💖 Lettre d'amour d'un RSSI 💖 Désabusé. Un peu. Beaucoup. Passionnément. Mes chères amours, Vous êtes nombreuses. Bruyantes. Exigeantes. Parfois instables. Mais sans vous, je dors encore moins. Je pense à vous, toutes mes outils ambigües. 👇

"Dr. Bytecode or: How I Learned to Stop Worrying and Obfuscate Java" A tale about how @farenain started his journey in Java software obfuscation. blog.quarkslab.com/how-to-write-y…