Tools
  1. Dreamboot: source code for a UEFI bootkit for Windows 8 x64
    1. Source: https://github.com/quarkslab/dreamboot
    2. How does it work?

  2. Quarks PwDump is a new open source tool to dump various types of Windows credentials: local accounts, domain accounts, cached domain credentials and BitLocker. The tool is currently dedicated to working live on operating systems without injecting into any process, limiting the risk of undermining their integrity or stability. It requires administrator privileges and is still in beta testing.
    1. Source: https://github.com/quarkslab/quarkspwdump
    2. How does it work?

  3. qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's graph windows with Windbg's position.
    1. Source: https://github.com/quarkslab/qb-sync
    2. How does it work?

  4. iMITMProtect is an open source tool to keep record of keys retrieved by iMessage on OS X, just in case someone tries to do something bad.
    1. Source: https://github.com/quarkslab/iMITMProtect
    2. About iMessage privacy

Software

QUARKSLAB is the official reseller for the Euro zone of JEB: The Interactive Android Decompiler, a powerful Android app decompiler designed for security professionals.


  1. Pricing
    1. One individual license costs EUR 780.
    2. Three licenses cost EUR 1950.
    3. Additional licenses receive a 20% discount.
    4. Members of the academic community and students will receive a flat 30% discount.

  2. Support
    1. Each license comes with support for one year, which includes major updates, minor updates, and fixes.
    2. After a year, a user may renew their license and receive a 30% discount.

  3. Website: [www.android-decompiler.com]

  4. Contact: jeb(at)quarkslab.com

Conferences
  1. Scalable Network Recon: Why Port Scans are for Pussies [slides (en)]
    Source: HITB Amsterdam, 2014
    Authors: Fred Raynal (Quarkslab), Adrien Guinet (Quarkslab)

  2. iMessage privacy [slides (en)]
    Source: HITB Kuala Lumpur, 2013
    Authors: Cyril Cattiaux (Quarkslab), gg (Quarkslab)

  3. Security of Android applications [slides (fr)] [slides (en)] [article (fr)]
    Source: SSTIC Conference, France, Rennes, 2013
    Author: André Moulu (Quarkslab)

  4. UEFI and Dreamboot [slides (en)] [slides (fr)] [article (fr)]
    Source: HITB Amsterdam 2013 & SSTIC Conference, France, Rennes, 2013
    Author: Sébastien Kaczmarek (Quarkslab)

  5. WinRT: The Metro-politan Museum of Security [slides (en)][slides (fr)][article (fr)]
    Source: HITB Amsterdam & SSTIC Conference, France, Rennes, 2012
    Authors: S. Renaud and K. Szkudlapski (Quarkslab)

  6. Critical Infrastructures: a weapon of mass destruction? [slides]
    Source: Hack.lu, 2011
    Authors: F. Gaspard (TaDa), F. Raynal (Quarkslab)

  7. Sticky Fingers & KBC Custom Shop
    Source: RECON Conference, Canada, Montréal & SSTIC Conference, France, Rennes, 2011
    Author: Alexandre Gazet
    Funded by: Sogeti/ESEC

  8. Metasm feelings
    Source: RECON Conference, Canada, Montréal, 2010
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  9. Deception 2.0: Social networks for information operations
    Source: HITB Dubai, 2010
    Authors: C. Devaux, A. Mascret, F. Raynal
    Funded by: Sogeti/ESEC

  10. PDF Origami strikes back
    Source: HITB, Malaysia, October 2009
    Authors: Fred Raynal, Guillaume Delugré and Damien Aumaitre
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  11. Applied evaluation methodology for anti-virus software
    Source: EICAR Conference, Berlin, 2009
    Authors: Jean-Baptiste Bédrune and Alexandre Gazet
    Funded by: Sogeti/ESEC

  12. Les origami malicieux en PDF contre-attaquent
    Source: SSTIC, 2009
    Authors: F. Raynal, G. Delugré
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  13. Origami malicieux en PDF
    Source: SSTIC, Rennes, June 2009
    Authors: Fred Raynal, Guillaume Delugré and Damien Aumaitre
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  14. Defeating software protection with Metasm
    Source: HITB Conference, Malaysia, Kuala Lumpur, 2009
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  15. Désobfuscation automatique de binaire - The Barbarian Sublimation
    Source: SSTIC Conference, France, Rennes, 2009
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  16. Fuzzgrind: an automatic fuzzing tool
    Source: SSTIC 2009, Hack.lu 2009
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  17. Déprotection semi-automatique de binaire
    Source: SSTIC Conference, France, Rennes, 2008
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  18. Malicious origami in PDF
    Source: PacSec, 2008
    Authors: F. Raynal, G. Delugré
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  19. Analysis of an undocumented network protocol
    Source: Hack.lu, 2008
    Authors: J.B. Bédrune, F. Raynal
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  20. Malicious cryptography ... reloaded
    Source: CanSecWest, 2008
    Authors: F. Raynal (Sogeti/ESEC, Diamond Edition / MISC Magazine), E. Filiol (ESAT)

  21. Attacks: from technical to information
    Source: BCS, 2007
    Author: F. Raynal
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  22. Malicious crypto: (ab)use cryptology [slides]
    Source: EuSecWest, 2006
    Author: F. Raynal (EADS)

Articles
  1. Konboot anatomy
    Source: MISC n°67 (May 2013)
    Author: Sébastien Kaczmarek

  2. RDP & cryptographie, RSA, anecdotes and implementation errors
    Source: MISC HS06 (November 2012)
    Authors: Francis Gabriel - Sébastien Kaczmarek

  3. CVE-2010-3654: Reliable Flash Player exploitation
    Source: MISC n°57 (September 2011)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  4. CVE-2008-3890: FreeBSD kernel amd64 swapgs local privilege escalation
    Source: MISC n°55 (May 2011)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  5. CVE-2010-4335: CakePHP unserialize() vulnerability
    Source: MISC n°54 (March 2011)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  6. CVE-2010-1028: Firefox WOFF heap corruption
    Source: MISC n°50 (July 2010)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  7. CVE-2009-4141: Linux kernel fasync use after free
    Source: MISC n°48 (March 2010)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  8. Small treatise about e-manipulation for honest people
    Source: Journal of computer virology, 2010
    Authors: F. Raynal (Sogeti/ESEC), F. Gaspard

  9. Technical Analysis of the Windows Win32K.sys Keyboard Layout Stuxnet Exploit [link]
    Source: VUPEN Security Blog, 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  10. CVE-2009-2629: Nginx heap underflow
    Source: MISC n°46 (November 2009)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  11. Cyberguerre : de l’attaque du bunker à l’attaque dans la profondeur
    Source: Revue de Défense Nationale, 2009
    Authors: E. Filiol (ESIEA), F. Raynal (Sogeti/ESEC)

  12. 3rd place at Native Client Security contest
    Source: Google 2009
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  13. Les hébergeurs bulletproof
    Source: MISC Magazine, 2009
    Authors: Gabriel Campana and Alexandre Gazet
    Funded by: Sogeti/ESEC

  14. Cryptography : All-out Attacks or How to Attack Cryptography Without Intensive Cryptanalysis
    Source: Journal of computer virology, 2009
    Authors: J.B. Bédrune (Sogeti/ESEC), E. Filiol (ESIEA), F. Raynal (Sogeti/ESEC)

  15. Comparative analysis of various ransomware virii
    Source: Journal in Computer Virology, 2008
    Author: Alexandre Gazet
    Funded by: Sogeti/ESEC

  16. Communications chiffrées : et si le ver n'était pas (que) dans la pomme ?
    Source: Revue de Défense Nationale, 2008
    Authors: F. Raynal (Sogeti/ESEC), E. Filiol (ESAT)

  17. New Threats and Attacks on the World Wide Web
    Source: IEEE Security & Privacy Journal, 2006
    Authors: T. Holz, S. Maréchal, F. Raynal

  18. Malicious Cryptography [part1] [part2]
    Source: SecurityFocus, 2006
    Author: F. Raynal

  19. Attacking attackers [part1] [part2]
    Source: SecurityFocus, 2006
    Authors: T. Holz, F. Raynal

  20. Defeating honeypots [part1] [part2]
    Source: SecurityFocus, 2005
    Authors: T. Holz, F. Raynal

  21. Honeypot forensics : analyzing system and files
    Source: IEEE Security & Privacy Journal, 2004
    Authors: F. Raynal (EADS), Y. Berthier, P. Biondi, D. Kaminsky

  22. Honeypot forensics : analyzing the network
    Source: IEEE Security & Privacy Journal, 2004
    Authors: F. Raynal (EADS), Y. Berthier, P. Biondi, D. Kaminsky

CVE
  1. CVE-2012-3756: QuickTime buffer overflow in the handling of 'rnet' boxes in MP4 files
    Source: 2012
    Author: Kevin Szkudlapski

  2. CVE-2011-3401: [MS11-092] Microsoft Windows Media Player DVR-MS Buffer Overflow Vulnerability
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  3. CVE-2011-2663: Novell GroupWise Calendar "integerList" Remote Buffer Overflow Vulnerability
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  4. CVE-2011-2662: Novell GroupWise Calendar "RRULE" Remote Buffer Overflow Vulnerability
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  5. CVE-2011-0034: [MS11-032] Microsoft Windows OpenType CFF Driver Stack Overflow
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  6. CVE-2011-0333: Novell GroupWise Calendar TZNAME Remote Buffer Overflow
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  7. CVE-2011-XXXX: 7T Interactive Graphical SCADA System ODBC Remote Memory Corruption
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  8. CVE-2010-4325: Novell GroupWise VCALENDAR TZID Variable Remote Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  9. CVE-2010-2704: HP OpenView Network Node Manager ov.dll Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  10. CVE-2010-2703: HP OpenView Network Node Manager nnmrptconfig.exe Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  11. CVE-2010-1280: Adobe Shockwave DIRAPI Multiple Code Execution Vulnerabilities
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  12. CVE-2010-0484: [MS10-032] Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  13. CVE-2010-0040: Apple iTunes & Apple Safari ColorSync Profile Integer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  14. CVE-2010-XXXX: Sun Java JDK/JRE Unpack200 Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  15. CVE-2009-3033: Symantec Altiris Deployment Solution and Notification Server Arbitrary Code Execution
    Source: 2009
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  16. CVE-2009-2982: Acrobat private key exposure
    Source: 2009
    Authors: G. Delugré, F. Raynal
    Funded by: Sogeti/ESEC

  17. CVE-2009-3461: Acrobat bypass of file extension security controls
    Source: 2009
    Authors: G. Delugré, F. Raynal
    Funded by: Sogeti/ESEC

  18. CVE-2009-3462: Acrobat format bug in debug mode
    Source: 2009
    Authors: G. Delugré, F. Raynal
    Funded by: Sogeti/ESEC

  19. CVE-2009-1564: VMware Products Movie Decoder Heap Overflow
    Source: 2009
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  20. CVE-2008-XXXX: Avira Products Driver Local Kernel Pointer Overwrite Vulnerability
    Source: 2008
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

© COPYRIGHT 2011-2013 QUARKSLAB - ALL RIGHTS RESERVED