A gentle introduction to Microsoft OMI and how to crash it This article provides a brief overview of how Microsoft Open Management Infrastructure (OMI)... 2023-3-31 06:0:0 | 阅读: 23 | 收藏 | Quarkslab's blog - blog.quarkslab.com wsman microsoft omi quarkslab zt

Our Pwn2Own journey against time and randomness (part 1)" A journey into the Pwn2Own contest. Part 1: Netgear RAX30 router WAN vulnerabilities Quark... 2023-3-24 07:0:0 | 阅读: 21 | 收藏 | Quarkslab's blog - blog.quarkslab.com curlopt firmware hnd netgear setopt

Audit of Falco, the open-source cloud-native runtime security Falco's maintainers, with support from Cloud Native Computing Foundation, engaged with Quarks... 2023-3-22 07:0:0 | 阅读: 10 | 收藏 | Quarkslab's blog - blog.quarkslab.com falco scap memory libscap libsinsp

Vulnerabilities in the TPM 2.0 reference implementation code In this blog post we discuss the details of two vulnerabilities we discovered in the Trusted... 2023-3-14 07:0:0 | 阅读: 17 | 收藏 | Quarkslab's blog - blog.quarkslab.com tpm quarkslab microsoft tpms

Dark Phoenix: a new White-box Cryptanalysis Open Source Tool We are releasing a new cryptanalysis tool based on a known paper but without known open sourc... 2023-2-28 07:0:0 | 阅读: 25 | 收藏 | Quarkslab's blog - blog.quarkslab.com phoenix encodings dfa faults mixcolumn

Post-Exploitation: Abusing the KeePass Plugin Cache This blog post presents a post-exploitation approach to inject code into KeePass without proc... 2023-1-26 07:0:0 | 阅读: 15 | 收藏 | Quarkslab's blog - blog.quarkslab.com keepass plgx security passwords database

Digging into the OCI Image Specification The OCI Image Specification is the core concept behind container images. However, not much is... 2022-11-24 07:0:0 | 阅读: 34 | 收藏 | blog.quarkslab.com blobs oci containerd mediatype alpine

Internship Offers for the 2022-2023 Season The internship season is back at Quarkslab! Our internship topics cover a wide range of our e... 2022-10-17 06:0:0 | 阅读: 45 | 收藏 | blog.quarkslab.com internship assignment protections reverse firmware

Quokka: A Fast and Accurate Binary Exporter Quarkslab is open-sourcing Quokka, a binary exporter to manipulatea program's disassembly wi... 2022-9-22 06:0:0 | 阅读: 21 | 收藏 | blog.quarkslab.com quokka 00s protobuf analysis prog2

Defeating eBPF Uprobe Monitoring This article introduces a kind of eBPF program that may be used to monitor userspace pro... 2022-8-30 06:0:0 | 阅读: 29 | 收藏 | blog.quarkslab.com uprobe uprobes ebpf vma xol

Attacking Titan M with Only One Byte Following our presentation at Black Hat USA, in this blog post we provide some details o... 2022-8-11 06:0:0 | 阅读: 34 | 收藏 | blog.quarkslab.com chip titan memory quarkslab firmware

Secure Messaging Apps and Group Protocols, Part 2 In the first partof the blogpost, we tackled the issue of 1v1 conversations,and it is... 2022-6-16 06:0:0 | 阅读: 68 | 收藏 | blog.quarkslab.com mls leaf encryption security ska

Binbloom blooms: introducing v2 In this blogpost we present our brand new version of binbloom, a toolto find the base a... 2022-5-31 06:0:0 | 阅读: 18 | 收藏 | blog.quarkslab.com firmware binbloom memory candidate titan

Secure Messaging Apps and Group Protocols, Part 1 Today's communications are, as frequently requested by users, more and moresecure. In t... 2022-5-24 06:0:0 | 阅读: 71 | 收藏 | blog.quarkslab.com ratchet security x3dh pfs dhe

Digging Into Runtimes – runc Everyone knows about Docker but not a lot of people are aware of the underlying technolo... 2022-5-10 06:0:0 | 阅读: 24 | 收藏 | blog.quarkslab.com runc lrwxrwxrwx cryptonite mar mars

Commit Level Vulnerability Dataset In this blog post, we present a new vulnerability dataset composed ofthousands of vulne... 2022-4-26 06:0:0 | 阅读: 28 | 收藏 | blog.quarkslab.com security aosp bulletins fixing

A Brief Overview of Auditing XCMv2 Parity Tech mandated Quarkslab to audit XCM version 2 (XCMv2), a cross consensus communicatio... 2022-3-29 06:0:0 | 阅读: 91 | 收藏 | blog.quarkslab.com xcm polkadot executor security pallet

Heap Overflow in OpenBSD's slaacd via Router Advertisement In this blog post we analyze a heap overflow vulnerability we discovered in the IPv6 sta... 2022-3-22 07:0:0 | 阅读: 20 | 收藏 | blog.quarkslab.com dnssl openbsd slaacd ra

Kubernetes and HostPath, a Love-Hate Relationship This article traces the history of three Kubernetes-related vulnerabilities. Explaining... 2022-3-3 07:0:0 | 阅读: 41 | 收藏 | blog.quarkslab.com kubernetes kubelet symlinks 1002101

Smali the Parseltongue Language When analyzing an Android application, we often end up playing withthe Smali intermedia... 2022-2-3 07:0:0 | 阅读: 92 | 收藏 | blog.quarkslab.com 11241 smali 359 apk