Why are Frida and QBDI a Great Blend on Android?
Introduction Reverse engineering of Android applications is usually considered as somewhat effortless because of the possibility of retrieving the Java...
Premium Members Content
A Deep Dive Into Samsung’s TrustZone (Part 3)
Part 1: Detailed overview of Samsung's TrustZone components Part 2: Tools development for reverse-engineering and vulnerability research Part 3: Vulnerability...
Triton v0.8 and ARMv7: A Guideline for Adding New Architectures
As you may have read in our previous blog post, the release of Triton v0.8 came with a lot of...
Playing Around With The Fuchsia Operating System
Introduction Fuchsia is a new operating system developed by Google, targeting the AArch64 and x86_64 architectures. While little is known...
Ansible Security Assessment
Introduction Ansible is an open-source software that automates configuration management and software deployment. If you're not familiar with Ansible, we...
How a Security Anomaly was Accidentally Found in an EAL6+ JavaCard
Context Quarkslab is one of the 10 ITSEF (Information Technology Security Evaluation Facility, CESTI in French) licensed by the ANSSI's...
Reverse Engineering a VxWorks OS Based Router
Introduction Embedded devices are a huge and wide world of options for CPU architectures, operating systems and file systems. You...
Triton v0.8 is Released!
We are pleased to announce that we released Triton v0.8 under the terms of the Apache License 2.0 (same license...
How to Use John The Ripper in a Google Collab for FREE!
How many times have you needed to use John The Ripper to do some password cracking but just not had...
CVE-2020-0069: Autopsy of the Most Stable MediaTek Rootkit
Introduction In March 2020, Google patched a critical vulnerability affecting many MediaTek based devices . This vulnerability had been known...
Reverse Engineering a Philips TriMedia CPU based IP Camera – Part 3
Introduction Welcome to the final chapter of the Trimedia series. In the first part of the series, I introduced this...
A Deep Dive Into Samsung’s TrustZone (Part 2)
Introduction After detailing Samsung's TrustZone implementation in the first part of this series, this blog post introduces the tools that...
A Deep Dive Into Samsung’s TrustZone (Part 1)
Motivations After a general introduction on the ARM TrustZone and a focus on Qualcomm's implementation, this new series of articles...
A Glimpse Into Tencent’s Legu Packer
Introduction This blog post deals with the Legu packer, an Android protector developed by Tencent that is currently one of...
Irma Past and Future
Introduction Irma is our file security analysis software, originally developed as an open source project with the sponsorship of 5...
Cobalt Strike
Cobalt Strike is software for Adversary Simulations and Red Team Operations. What this means is, if you wanted to test your...
Canary Tokens
TLDR: Canary tokens are not new but can help give you some Intel into your attackers, be it insider or...
Kali Linux 2018.3 Increase TxPower
Increasing the TXpower above what is allowed in your country can be illegal. If you decide to make these changes...
How to setup your Libre Elec / Kodi / Google Home Bluetooth / Yatse Android Remote
I have a number of Kodi Media Centre running in different rooms around the house. Some are hooked up to...
Another, Here is my OSCP story
So the OSCP journey is hard work, needs commitment, understanding from your wife and a try harder attitude (you will...
Ubiquiti Guest Wifi VLANS and PfSense
Ok, so you have upgraded your Wi-Fi to a new shiney circular Ubiquiti device....and you are using PfSense too? Welcome...
Stapler v1 – VulnHub walkthrough
See attached PDF, i will migrate to a proper post when i can find time..... Stapler VM - Summary
Custom Access Denied Page – PfSense Squid Proxy
If like me you want to customise your Squid Proxy error page then , you have come to the correct...
HatCloud : Tool to uncover real IP address of servers using CloudFlare
HatCloud is built in Ruby. It allows you to discover the real IP address of a host that is being...
