Tools
  1. Dreamboot: source code for a UEFI bootkit for Windows 8 x64
    1. Source: https://github.com/quarkslab/dreamboot
    2. How does it work?

  2. Quarks PwDump is a new open source tool to dump various types of Windows credentials: local accounts, domain accounts, cached domain credentials and BitLocker. The tool is currently dedicated to working live on operating systems without injecting into any process, limiting the risk of undermining their integrity or stability. It requires administrator privileges and is still in beta test.
    1. Source: https://github.com/quarkslab/quarkspwdump
    2. How does it work?

  3. qb-sync is an open source tool to add some helpful glue between IDA Pro and Windbg. Its core feature is to dynamically synchronize IDA's graph windows with Windbg's position.
    1. Source: https://github.com/quarkslab/qb-sync
    2. How does it work?

  4. iMITMProtect is an open source tool to keep record of keys retrieved by iMessage on OS X, just in case someone tries to do something bad.
    1. Source: https://github.com/quarkslab/iMITMProtect
    2. About iMessage privacy

Software

QUARKSLAB is the official reseller for the Euro zone of JEB: The Interactive Android Decompiler, a powerful Android app decompiler designed for security professionals.


  1. Pricing
    1. One individual license costs EUR 780.
    2. Three licenses cost EUR 1950.
    3. Additional licenses receive a 20% discount.
    4. Members of the academic community and students will receive a flat 30% discount.

  2. Support
    1. Each license comes with support for one year, which includes major updates, minor updates, and fixes.
    2. After a year, a user may renew their license and receive a 30% discount.

  3. Website: [www.android-decompiler.com]

  4. Contact: jeb(at)quarkslab.com

Conferences
  1. Obfuscation 101 [slides (fr)]
    Source: St'Hack Conference, France, Bordeaux, 2014
    Author: Ninon Eyrolles (Quarkslab)

  2. Obfuscation de code Python : amélioration des techniques existantes [slides (fr)] [article (fr)]
    Source: SSTIC Conference, France, Rennes, 2014
    Authors: Serge Guelton (Quarkslab), Ninon Eyrolles (Quarkslab)

  3. Obfuscation : know your enemy [slides (en)]
    Source: RMLL, France, Montpellier, 2014
    Author: Ninon Eyrolles (Quarkslab)

  4. Recherche de vulnérabilités dans les piles USB : approches et outils [slides (fr)] [article (fr)]
    Source: SSTIC Conference, France, Rennes, 2014
    Authors: Jordan Bouyat (Quarkslab), Fernand Lone-Sang (Quarkslab)

  5. DRM obfuscation versus auxiliary attacks [slides (fr)] [slides (en)] [article (fr)]
    Source (fr): SSTIC Conference, France, Rennes, 2014
    Source (en): REcon Conference, Montréal, Canada, 2014
    Authors: Mougey Camille (CEA) and Francis Gabriel (Quarkslab)

  6. Scalable Network Recon: Why Port Scans are for Pussies [slides (fr)] [slides (en)] [article (fr)]
    Source (fr): SSTIC Conference, France, Rennes, 2014
    Source (en): HITB Amsterdam, 2014
    Authors: Fred Raynal (Quarkslab), Adrien Guinet (Quarkslab)

  7. iMessage privacy [slides (en)]
    Source: HITB Kuala Lumpur, 2013
    Authors: Cyril Cattiaux (Quarkslab), gg (Quarkslab)

  8. Security of Android applications [slides (fr)] [slides (en)] [article (fr)]
    Source: SSTIC Conference, France, Rennes, 2013
    Author: André Moulu (Quarkslab)

  9. UEFI and Dreamboot [slides (en)] [slides (fr)] [article (fr)]
    Source: HITB Amsterdam 2013 & SSTIC Conference, France, Rennes, 2013
    Author: Sébastien Kaczmarek (Quarkslab)

  10. WinRT: The Metro-politan Museum of Security [slides (en)][slides (fr)][article (fr)]
    Source: HITB Amsterdam & SSTIC Conference, France, Rennes, 2012
    Authors: S. Renaud and K. Szkudlapski (Quarkslab)

  11. Critical Infrastructures: a weapon of mass destruction? [slides]
    Source: Hack.lu, 2011
    Authors: F. Gaspard (TaDa), F. Raynal (Quarkslab)

  12. Sticky Fingers & KBC Custom Shop
    Source: RECON Conference, Canada, Montréal & SSTIC Conference, France, Rennes, 2011
    Author: Alexandre Gazet
    Funded by: Sogeti/ESEC

  13. Metasm feelings
    Source: RECON Conference, Canada, Montréal, 2010
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  14. Deception 2.0: Social networks for information operations
    Source: HITB Dubaï, 2010
    Authors: C. Devaux, A. Mascret, F. Raynal
    Funded by: Sogeti/ESEC

  15. PDF Origami strikes back
    Source: HITB, Malaysia, October 2009
    Authors: Fred Raynal, Guillaume Delugré and Damien Aumaitre
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  16. Applied evaluation methodology for anti-virus software
    Source: EICAR Conference, Berlin, 2009
    Authors: Jean-Baptiste Bédrune and Alexandre Gazet
    Funded by: Sogeti/ESEC

  17. Les origami malicieux en PDF contre-attaquent
    Source: SSTIC, 2009
    Authors: F. Raynal, G. Delugré
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  18. Origami malicieux en PDF
    Source: SSTIC, Rennes, June 2009
    Authors: Fred Raynal, Guillaume Delugré and Damien Aumaitre
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  19. Defeating software protection with Metasm
    Source: HITB Conference, Malaysia, Kuala Lumpur, 2009
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  20. Désobfuscation automatique de binaire - The Barbarian Sublimation
    Source: SSTIC Conference, France, Rennes, 2009
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  21. Fuzzgrind: an automatic fuzzing tool
    Source: SSTIC 2009, Hack.lu 2009
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  22. Déprotection semi-automatique de binaire
    Source: SSTIC Conference, France, Rennes, 2008
    Authors: Alexandre Gazet and Yoann Guillot
    Funded by: Sogeti/ESEC

  23. Malicious origami in PDF
    Source: PacSec, 2008
    Authors: F. Raynal, G. Delugré
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  24. Analysis of an undocumented network protocol
    Source: Hack.lu, 2008
    Authors: J.B. Bédrune, F. Raynal
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  25. Malicious cryptography ... reloaded
    Source: CanSecWest, 2008
    Authors: F. Raynal (Sogeti/ESEC, Diamond Edition / MISC Magazine), E. Filiol (ESAT)

  26. Attacks: from technical to information
    Source: BCS, 2007
    Author: F. Raynal
    Funded by: Sogeti/ESEC & Diamond Edition / MISC Magazine

  27. Malicious crypto: (ab)use cryptology [slides]
    Source: EuSecWest, 2006
    Author: F. Raynal (EADS)

Articles
  1. Redécouverte et exploitation du Pwn2Own 2012 Android
    Source: MISC HS09 (May 2014)
    Author: André Moulu

  2. Linux kernel perf_events local root - analyse et exploitation
    Source: Misc n°69 (September 2013)
    Author: André Moulu

  3. Etat de l'art du reverse engineering sous Android
    Source: MISC HS07 (June 2013)
    Author: André Moulu

  4. Konboot anatomy
    Source: MISC n°67 (May 2013)
    Author: Sébastien Kaczmarek

  5. RDP & cryptographie, RSA, anecdotes and implementation errors
    Source: MISC HS06 (November 2012)
    Authors: Francis Gabriel - Sébastien Kaczmarek

  6. CVE-2010-3654: Reliable Flash Player exploitation
    Source: MISC n°57 (September 2011)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  7. CVE-2008-3890: FreeBSD kernel amd64 swapgs local privilege escalation
    Source: MISC n°55 (May 2011)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  8. CVE-2010-4335: CakePHP unserialize() vulnerability
    Source: MISC n°54 (March 2011)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  9. CVE-2010-1028: Firefox WOFF heap corruption
    Source: MISC n°50 (July 2010)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  10. CVE-2009-4141: Linux kernel fasync use after free
    Source: MISC n°48 (March 2010)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  11. Small treatise about e-manipulation for honest people
    Source: Journal of computer virology, 2010
    Authors: F. Raynal (Sogeti/ESEC), F. Gaspard

  12. Technical Analysis of the Windows Win32K.sys Keyboard Layout Stuxnet Exploit [link]
    Source: VUPEN Security Blog, 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  13. CVE-2009-2629: Nginx heap underflow
    Source: MISC n°46 (November 2009)
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  14. Cyberguerre : de l’attaque du bunker à l’attaque dans la profondeur
    Source: Revue de Défense Nationale, 2009
    Authors: E. Filiol (ESIEA), F. Raynal (Sogeti/ESEC)

  15. 3rd place at Native Client Security contest
    Source: Google 2009
    Author: Gabriel Campana
    Funded by: Sogeti/ESEC

  16. Les hébergeurs bulletproof
    Source: MISC Magazine, 2009
    Authors: Gabriel Campana and Alexandre Gazet
    Funded by: Sogeti/ESEC

  17. Cryptography : All-out Attacks or How to Attack Cryptography Without Intensive Cryptanalysis
    Source: Journal of computer virology, 2009
    Authors: J.B. Bédrune (Sogeti/ESEC), E. Filiol (ESIEA), F. Raynal (Sogeti/ESEC)

  18. Comparative analysis of various ransomware virii
    Source: Journal in Computer Virology, 2008
    Author: Alexandre Gazet
    Funded by: Sogeti/ESEC

  19. Communications chiffrées : et si le ver n'était pas (que) dans la pomme ?
    Source: Revue de Défense Nationale, 2008
    Authors: F. Raynal (Sogeti/ESEC), E. Filiol (ESAT)

  20. New Threats and Attacks on the World Wide Web
    Source: IEEE Security & Privacy Journal, 2006
    Authors: T. Holz, S. Maréchal, F. Raynal

  21. Malicious Cryptography [part1] [part2]
    Source: SecurityFocus, 2006
    Author: F. Raynal

  22. Attacking attackers [part1] [part2]
    Source: SecurityFocus, 2006
    Authors: T. Holz, F. Raynal

  23. Defeating honeypots [part1] [part2]
    Source: SecurityFocus, 2005
    Authors: T. Holz, F. Raynal

  24. Honeypot forensics : analyzing system and files
    Source: IEEE Security & Privacy Journal, 2004
    Authors: F. Raynal (EADS), Y. Berthier, P. Biondi, D. Kaminsky

  25. Honeypot forensics : analyzing the network
    Source: IEEE Security & Privacy Journal, 2004
    Authors: F. Raynal (EADS), Y. Berthier, P. Biondi, D. Kaminsky

CVE
  1. CVE-2012-3756: QuickTime buffer overflow in the handling of 'rnet' boxes in MP4 files
    Source: 2012
    Author: Kevin Szkudlapski

  2. CVE-2011-3401: [MS11-092] Microsoft Windows Media Player DVR-MS Buffer Overflow Vulnerability
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  3. CVE-2011-2663: Novell GroupWise Calendar "integerList" Remote Buffer Overflow Vulnerability
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  4. CVE-2011-2662: Novell GroupWise Calendar "RRULE" Remote Buffer Overflow Vulnerability
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  5. CVE-2011-0034: [MS11-032] Microsoft Windows OpenType CFF Driver Stack Overflow
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  6. CVE-2011-0333: Novell GroupWise Calendar TZNAME Remote Buffer Overflow
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  7. CVE-2011-XXXX: 7T Interactive Graphical SCADA System ODBC Remote Memory Corruption
    Source: 2011
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  8. CVE-2010-4325: Novell GroupWise VCALENDAR TZID Variable Remote Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  9. CVE-2010-2704: HP OpenView Network Node Manager ov.dll Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  10. CVE-2010-2703: HP OpenView Network Node Manager nnmrptconfig.exe Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  11. CVE-2010-1280: Adobe Shockwave DIRAPI Multiple Code Execution Vulnerabilities
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  12. CVE-2010-0484: [MS10-032] Microsoft Windows Kernel "GetDCEx()" Memory Corruption Vulnerability
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  13. CVE-2010-0040: Apple iTunes & Apple Safari ColorSync Profile Integer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  14. CVE-2010-XXXX: Sun Java JDK/JRE Unpack200 Buffer Overflow
    Source: 2010
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  15. CVE-2009-3033: Symantec Altiris Deployment Solution and Notification Server Arbitrary Code Execution
    Source: 2009
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  16. CVE-2009-2982: Acrobat private key exposure
    Source: 2009
    Authors: G. Delugré, F. Raynal
    Funded by: Sogeti/ESEC

  17. CVE-2009-3461: Acrobat bypass of file extension security controls
    Source: 2009
    Authors: G. Delugré, F. Raynal
    Funded by: Sogeti/ESEC

  18. CVE-2009-3462: Acrobat format bug in debug mode
    Source: 2009
    Authors: G. Delugré, F. Raynal
    Funded by: Sogeti/ESEC

  19. CVE-2009-1564: VMware Products Movie Decoder Heap Overflow
    Source: 2009
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

  20. CVE-2008-XXXX: Avira Products Driver Local Kernel Pointer Overwrite Vulnerability
    Source: 2008
    Author: Sébastien Renaud
    Funded by: VUPEN Security S.A.

© COPYRIGHT 2011-2013 QUARKSLAB - ALL RIGHTS RESERVED