Bluetooth Low Energy GATT Fuzzing This blog post presents our fuzzer for the Bluetooth Low Energy GA... 2024-10-25 06:0:0 | 阅读: 3 | 收藏 | Quarkslab's blog - blog.quarkslab.com gatt sony quarkslab pdu espressif

Internship Offers for the 2024-2025 Season The internship season is back at Quarkslab! Our internship topics... 2024-10-18 06:0:0 | 阅读: 0 | 收藏 | Quarkslab's blog - blog.quarkslab.com satellite internship security analysis network

Linux kernel instrumentation from Qemu and Gdb Techniques for analyzing binaries or kernel modules that may try t... 2024-10-17 06:0:0 | 阅读: 2 | 收藏 | Quarkslab's blog - blog.quarkslab.com lx gpl syms unused pfn

Attacking the Samsung Galaxy A* Boot Chain We discovered several vulnerabi... 2024-10-15 06:0:0 | 阅读: 0 | 收藏 | Quarkslab's blog - blog.quarkslab.com memory samsung odin persistency

Bypass Apache Superset restrictions to perform SQL injections The following article explains... 2024-10-10 06:0:0 | 阅读: 7 | 收藏 | Quarkslab's blog - blog.quarkslab.com superset security sqlparse adhoc subquery

Exploiting Microsoft Teams on macOS during a Purple Team engagement The following article explains how during a Purple Team engagement... 2024-10-8 06:0:0 | 阅读: 6 | 收藏 | Quarkslab's blog - blog.quarkslab.com microsoft library nslog security

Differential fuzzing for cryptography Following a brief introduction to differential fuzzing, this blog... 2024-10-3 06:0:0 | 阅读: 0 | 收藏 | Quarkslab's blog - blog.quarkslab.com pelican fuzzer cryptofuzz textrm

crypto-condor: a test suite for cryptographic primitives In this blog post we present crypto-condor, an open-source test su... 2024-9-24 06:0:0 | 阅读: 4 | 收藏 | Quarkslab's blog - blog.quarkslab.com condor primitives digest testu01 hashlib

Exploiting Chamilo during a Red Team engagement The following blogpost explains how during a Red Team engagement w... 2024-9-17 06:0:0 | 阅读: 4 | 收藏 | Quarkslab's blog - blog.quarkslab.com php chamilo 58080 attacker

Audit of Operator Fabric Quarkslab was mandated by the O... 2024-9-4 06:0:0 | 阅读: 2 | 收藏 | Quarkslab's blog - blog.quarkslab.com quarkslab security fabric developers

Audit of Airswift's Supply Chain Financing Drawing from our audit of Airswift's SCF, we discuss part of Sorob... 2024-8-27 06:0:0 | 阅读: 13 | 收藏 | Quarkslab's blog - blog.quarkslab.com scf argentina soroban airswift pledge

MIFARE Classic: exposing the static encrypted nonce variant... and a few hardware backdoors We studied the most secure stat... 2024-8-20 06:0:0 | 阅读: 3 | 收藏 | Quarkslab's blog - blog.quarkslab.com fm11rf08s mifare annexes fudan hardware

Heap exploitation, glibc internals and nifty tricks. This is a writeup of a heap pwn challenge at HitconCTF Qualifiers... 2024-7-30 06:0:0 | 阅读: 5 | 收藏 | Quarkslab's blog - blog.quarkslab.com bins unsorted allocator username memory

Audit of Cloud Native Buildpacks IntroductionThe Cloud Native Buildpacks (also kn... 2024-7-16 06:0:0 | 阅读: 0 | 收藏 | Quarkslab's blog - blog.quarkslab.com cloud security buildpacks quarkslab

Let’s Go into the rabbit hole (part 3) — the challenges of dynamically hooking Golang programs Golang is the most used programming language for developing cloud... 2024-7-9 06:0:0 | 阅读: 2 | 收藏 | Quarkslab's blog - blog.quarkslab.com library cgocall memory

Looking for vulnerabilities in Strapi (CVE-2024-34065) Discovery of two vulnerabilitie... 2024-6-25 06:0:0 | 阅读: 10 | 收藏 | Quarkslab's blog - blog.quarkslab.com strapi grantconfig microsoft

Recovering an ECU firmware using disassembler and branches This blogpost explains how we recovered the firmware of a fleet-sh... 2024-6-18 06:0:0 | 阅读: 2 | 收藏 | Quarkslab's blog - blog.quarkslab.com clusters sectors fat emmc instr

Let’s Go into the rabbit hole (part 2) — the challenges of dynamically hooking Golang programs Golang is the most used programming language for developing cloud... 2024-6-11 06:0:0 | 阅读: 2 | 收藏 | Quarkslab's blog - blog.quarkslab.com addgo b001 packagefile cfunc

How malware authors play with the LNK file format We did a quick study on the most common ways to deliver malware th... 2024-5-30 06:0:0 | 阅读: 5 | 收藏 | Quarkslab's blog - blog.quarkslab.com itemid windows itu shortcut

Audit of Kuksa, the open-source shared building blocks for Software Defined Vehicles Eclipse KUKSA's committers, with support from Eclipse Foundation,... 2024-5-21 06:0:0 | 阅读: 2 | 收藏 | Quarkslab's blog - blog.quarkslab.com databroker kuksa eclipse quarkslab protobuf