quarkslab

1.7K posts

quarkslab banner
quarkslab

quarkslab

@quarkslab

Securing every bit of your data https://t.co/hqdd8jMkYM https://t.co/GOXPtukIXE

Paris, France Katılım Ekim 2011
13 Takip Edilen12.6K Takipçiler
quarkslab
quarkslab@quarkslab·
BOLT is a static analysis tool, part of LLVM compiler infrastructure, used to verify that compiler security hardening options have been applied on a binary. Thanks to @OSTIFofficial we've worked since November 2025 to improve it. Check our progress here: blog.quarkslab.com/extending-llvm…
English
1
9
29
2.2K
quarkslab
quarkslab@quarkslab·
From prompt 😃to pwned 😢: Implementing an LLM in your org? Useful. Trusting its output? That's how a low-priv user became admin. Ship the feature, don't extend it your trust. blog.quarkslab.com/from-prompt-to…
quarkslab tweet media
English
0
11
28
4.1K
quarkslab
quarkslab@quarkslab·
Practical Android Software Protection in the Wild: An Appetizer In which @Farenain analyzes 2.5 million Android apps to identify and classify the obfuscators, packers and code protectors they use: blog.quarkslab.com/practical-andr…
quarkslab tweet media
English
0
21
42
3.6K
quarkslab
quarkslab@quarkslab·
What happens when reverse engineers spend weeks digging into a Scala 3 codebase? 🔍 From code review to fuzzing, our assessment helped strengthen Scala's security . The results of our audit, conducted in collaboration with @OSTIFofficial, are here: blog.quarkslab.com/scala-security…
English
0
7
20
2.6K
quarkslab
quarkslab@quarkslab·
Did you hear about Optical Line Terminals? ISPs rely on them to build their service networks, but what if they're vulnerable? Here @coiffeur0x90 shows how attackers could compromise entire ISPs by exploiting them and cloud-based fleet management software blog.quarkslab.com/how-olts-may-h…
quarkslab tweet media
English
0
20
43
5.2K
quarkslab
quarkslab@quarkslab·
A hands-on look at Microsoft’s Independent Guest Virtual Machine (IGVM) format inside OpenHCL’s `openhcl.bin`. We unpack the fixed header, variable headers, data layout, and how IGVM measurement supports Confidential Computing with SEV-SNP and TDX. 🔗blog.quarkslab.com/the-igvm-file-…
English
0
9
20
4.1K
quarkslab retweetledi
Sébastien Rolland
Sébastien Rolland@Blindevy·
My new blog post is released. It explains in detail how applications (App Registrations, Service Principals, MI) and their permissions really work, why they can introduce several subtle paths for privilege escalation, and presents my open-source tool designed to uncover them.
quarkslab@quarkslab

Do you know how Entra ID applications work? What about the security mess they can bring and what they can quietly break? New blog post on Entra ID application permissions, the audit nightmare they create, and QAZPT, our OSS tool built to make sense of it: blog.quarkslab.com/auditing-appli…

English
1
14
97
14K
quarkslab
quarkslab@quarkslab·
Do you know how Entra ID applications work? What about the security mess they can bring and what they can quietly break? New blog post on Entra ID application permissions, the audit nightmare they create, and QAZPT, our OSS tool built to make sense of it: blog.quarkslab.com/auditing-appli…
quarkslab tweet media
English
0
17
84
20.2K
quarkslab
quarkslab@quarkslab·
Obfuscation vs The Optimizer: A Battle in LLVM Middle End. @yates82 shows us how the continuous improvement of the LLVM optimizer defeats naive code obfuscation, and how the obfuscator can fight back. An eternal fight in which all victories are ephemeral blog.quarkslab.com/obfuscation-vs…
quarkslab tweet media
English
2
28
73
14.8K
quarkslab
quarkslab@quarkslab·
🤔Ever wondered how your favorite tools work under the hood? During our work on SightHouse, we dug into BSIM, Ghidra's Binary function SIMilarity engine. Many tools have been built around it, yet its internals remained undocumented. Until now 👇 blog.quarkslab.com/bsim-explained…
quarkslab tweet media
English
0
6
31
2.6K
quarkslab
quarkslab@quarkslab·
🚗 We traced a car’s life from China to Poland. By analyzing a BYD Telematic Control Unit, Romain Marchand reconstructed its journey and identified a real-world event from GPS logs alone. Embedded forensics + OSINT = real stories hidden in data. 👉 blog.quarkslab.com/tearing-down-a…
quarkslab tweet media
English
1
31
51
5.5K
quarkslab retweetledi
Farenain
Farenain@Farenain·
Recently @quarkslab published a solution of a CTF using TritonDSE and QBDI where they analyzed a VM protected binary, and I thought "Shit, I want to analyze something too...". And this weekend I did an analysis of another crackme with a custom VM but this time using Triton! 🧵
Farenain tweet mediaFarenain tweet mediaFarenain tweet mediaFarenain tweet media
English
2
20
136
17.8K
quarkslab
quarkslab@quarkslab·
Tired of reversing the same libc for the 100th time? 👀 Meet SightHouse, our open-source tool that automatically detects third-party library functions in binaries. High-confidence function mapping. Works with any disassembler. By @Mad5quirrel & Sami. 🔗 blog.quarkslab.com/sighthouse-aut…
quarkslab tweet media
English
2
40
161
10.5K
quarkslab
quarkslab@quarkslab·
The dragon has a VM. Of course it does. Our latest blog walks through the analysis of a complex C++ binary hiding behind a virtual machine, themed as a classic RPG fight. QBDI & TritonDSE are your weapons of choice. The dragon doesn't stand a chance. 🐉 blog.quarkslab.com/qbdi-vs-triton…
quarkslab tweet media
English
1
44
119
5.6K
quarkslab
quarkslab@quarkslab·
Rule 1️⃣ : "In WAF we (should not) trust" Your WAF is doing its best. That's just not enough 😮‍💨 A deep dive into Web Application Firewall bypass techniques, discovering why blocked ⛔ doesn't always mean safe. blog.quarkslab.com/in-waf-we-shou…
quarkslab tweet media
English
0
35
117
6.7K
quarkslab
quarkslab@quarkslab·
"Intego X9: Never trust my updates" Read @Coiffeur0x90's research showing how XPC interprocess communications and the update mechanism of the Intego antivirus for MacOS can be abused for local privilege escalation. blog.quarkslab.com/intego_lpe_mac…
quarkslab tweet media
English
0
6
12
1.6K