Maxime Rossi Bellom (@max_r_b)'s Twitter Profile
Maxime Rossi Bellom

@max_r_b

Android security geek @quarkslab. My tweets are all yours.
mastodon.social/@maxrb

ID: 139389485

02-05-2010 13:11:57

826 Tweets

915 Followers

799 Following

quarkslab (@quarkslab)

Now at Pass the SALT Conference Thiébaud Fuchs presents Hydradancer, an open source project to improve USB hacking with Facedancer using HydraUSB3 hardware Sounds complicated? It is not! It's just good USB hacking fun Join the live stream at here: 2024.pass-the-salt.org

hydrabus.com (@hydrabus)

Great talk on HydraDancer by QuarksLab(quarkslab) / Thiébaud Fuchs(github.com/kauwua) at Pass the SALT Conference #pts24 Check it out: cfp.pass-the-salt.org/pts2024/talk/E… HydraDancer Dongle V1 R1 coming soon! Ultra-small aluminum anodized + laser engraving enclosure: 53mm x 33mm x 15mm.

quarkslab (@quarkslab)

Ready for part 3 of our travel into the dynamic instrumentation of #Golang during runtime? In this article, cryptonite and Damien Aumaitre will leverage CGO, Go's Foreign Function Interface (FFI), to improve the hooking scheme they defined in part 1 blog.quarkslab.com/lets-go-into-t…

stacksmashing (@ghidraninja)

Hello Black Hat! Catch my talk on using electro-magnetic side-channels + EMFI to hack into Apple’s ACE3 chip tomorrow at 10:20am! Send me a message if you want to meet up - or if you know what parties are worth attending 😀

quarkslab (@quarkslab)

Today at DEF CON 32 Damien Cauquil (@[email protected]) & Romain Cayre unveil WHAD: A Python framework for Wireless HAcking Devices Tired of building ad-hoc tools for wireless hacking? Sick of having to implement half-baked protocols? We've got you covered! At 5pm in LVCC - L1 - HW1-11-02 (Track 2)

Romain Cayre (@cayreromain)

After two years of hard work with Damien Cauquil (@[email protected]) , we are proud to release for DEFCON32 the first public version of WHAD, a whole new ecosystem of opensource libs, tools & firmwares for wireless security ! The main repo is here: github.com/whad-team/whad… . And now, demo time ! [1/n]

quarkslab (@quarkslab)

Are "MIFARE-compatible" contactless cards not playing fair? That's what you may wonder after Philippe Teuwen spotted some odd behavior. Curiosity led to experiments to devise a new attack technique that uncovered some backdoors. The RFID hacking spirit lives on! blog.quarkslab.com/mifare-classic…

quarkslab (@quarkslab)

The Cryptodifference Engine: An in-depth look at differential fuzzing for harvesting crypto bugs, by Célian Glénaz blog.quarkslab.com/differential-f…

quarkslab (@quarkslab)

Finding and chaining 4 vulns to exfiltrate encryption keys from the Android Keystore on Samsung series A* devices. Did you miss the "Attacking the Samsung Galaxy A* Boot Chain" talk by Maxime Rossi Bellom and Raphaël Neveu earlier this year ? Talk && PoC || GTFO: blog.quarkslab.com/attacking-the-…

quarkslab (@quarkslab)

Linux kernel instrumentation from Qemu and gdb: A technique to analyze binaries or kernel modules that may try to monitor themselves. In this blog post Professor Forgette Benoît explains the trick blog.quarkslab.com/linux-kernel-i…

quarkslab (@quarkslab)

Our 2024-2025 internships season has started Check out the 3 new openings and apply for fun and knowledge! (paid internships, fur coats not included) blog.quarkslab.com/internship-off…

hardwear.io (@hardwear_io)

🔗 #BluetoothLowEnergy (#BLE) has seen extensive research, but few studies have targeted the specification corner cases requiring high-level manipulation of the #GATT layer Baptiste at #hw_ioNL2024 proposes fuzzing approach to identify vulnerabilities 👉 hardwear.io/netherlands-20…
Jiska (@naehrdine)

How does the new iOS inactivity reboot work? What does it protect from? I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented. naehrdine.blogspot.com/2024/11/revers…

ringzerø.training && @ringzer0@infosec.exchange (@_ringzer0)

Learn Reversing Cryptography in Black Box Binaries with Quarkslab's Dahmun Goudarzi and Robin David at BOOTSTRAP25, Austin, TX, March 18-21 ringzer0.training/bootstrap25-re…

quarkslab (@quarkslab)

こんにちは Tokyo! "Of all things, I liked bugs best." ― Nikola Tesla Quarkslab is happy to participate in Pwn2Own Automotive and tomorrow we will try to demonstrate a RCE on an Electric Vehicle Charger on stage. Nikola enlight us, Murphy stay home! zerodayinitiative.com/blog/2025/1/21…

quarkslab (@quarkslab)

Another audit finalized with OSTIF Official and CNCF! Quarkslab reviewed Notary Project’s new cryptographic features — timestamping & certificate revocation — identifying 11 issues, including 2 CVEs! 📖 Read more in our blog post: blog.quarkslab.com/security-audit…

quarkslab (@quarkslab)

Good tools are made of bugs: How to monitor your Steam Deck with one byte. Finding and exploiting two vulnerabilities in AMD's UEFI firmware for fun and gaming . A Christmas gift in February, brought to you by the amazing Gwaby 🫶 blog.quarkslab.com/being-overlord…

Specter (@specterdev)

I've published a write-up on reversing and analyzing Samsung's H-Arx hypervisor architecture for Exynos devices, which has had a lot of changes in recent years and pretty interesting design. Hope you all enjoy :) dayzerosec.com/blog/2025/03/0…