Heap Overflow in OpenBSD's slaacd via Router Advertisement In this blog post we analyze a heap overflow vulnerability we discovered in the IPv6 sta... 2022-3-22 07:0:0 | 阅读: 20 | 收藏 | blog.quarkslab.com dnssl openbsd slaacd ra

Kubernetes and HostPath, a Love-Hate Relationship This article traces the history of three Kubernetes-related vulnerabilities. Explaining... 2022-3-3 07:0:0 | 阅读: 41 | 收藏 | blog.quarkslab.com kubernetes kubelet symlinks 1002101

Smali the Parseltongue Language When analyzing an Android application, we often end up playing withthe Smali intermedia... 2022-2-3 07:0:0 | 阅读: 92 | 收藏 | blog.quarkslab.com 11241 smali 359 apk

Audit of the MimbleWimble Integration Inside Litecoin The Litecoin Foundation mandated Quarkslab to audit the implementation ofthe MimbleWimb... 2022-1-13 07:0:0 | 阅读: 23 | 收藏 | blog.quarkslab.com litecoin mw sidechain coins

Why is Exposing the Docker Socket a Really Bad Idea? It is written almost everywhere: do not expose the Docker socket on Linux! This is follo... 2021-12-14 08:00:00 | 阅读: 26 | 收藏 | blog.quarkslab.com containers alpine processes socat privileged

Status of post-quantum cryptography implementation Post-quantum cryptography is an active field of research, especially since theNIST Call... 2021-12-07 08:00:00 | 阅读: 175 | 收藏 | blog.quarkslab.com security classical qubits primitives draft

Digging into Linux namespaces - part 2 Process isolation is a key component for containers. One of the key underlying mechanism... 2021-11-18 08:00:00 | 阅读: 15 | 收藏 | blog.quarkslab.com cryptonite 65534 processes nogroup alpine

Digging into Linux namespaces - part 1 Process isolation is a key component for containers. One of the key underlying mechanism... 2021-11-16 08:00:00 | 阅读: 29 | 收藏 | blog.quarkslab.com cryptonite netns network processes unshare

Mattermost End-to-End Encryption Plugin read file error: read notes: is a directory... 2021-10-14 07:00:00 | 阅读: 22 | 收藏 | blog.quarkslab.com mattermost gpg encryption backup quarkslab

Internship Offers for the 2021-2022 Season It's time to open Quarkslab internships season! This year, we offer new internships rela... 2021-10-12 07:00:00 | 阅读: 32 | 收藏 | blog.quarkslab.com internship security ebpf quarkslab assignment

kdigger: a Context Discovery Tool for Kubernetes This article is an introduction to Kubernetes security through the presentation of a new... 2021-10-07 07:00:00 | 阅读: 13 | 收藏 | blog.quarkslab.com kubernetes 13t14 27z kdigger relatime

Introducing QBDL: how to run the NVIDIA NGX SDK under Linux This blog post introduces QBDL (QuarkslaB Dynamic Loader) as well as a use case which ru... 2021-08-31 07:00:00 | 阅读: 61 | 收藏 | blog.quarkslab.com ngx qbdl library windows loader

A virtual journey: From hardware virtualization to Hyper-V's Virtual Trust Levels A step by step approach to reverse engineer Hyper-V and have a low level insight into Vi... 2021-07-29 07:00:00 | 阅读: 42 | 收藏 | blog.quarkslab.com vtl ffffe800 vmcs vp memory

Hello Rewind, meet world read file error: read notes: is a directory... 2021-07-20 07:00:00 | 阅读: 60 | 收藏 | blog.quarkslab.com rewind cng windows whvp hypervisor

Guided tour inside WinDefender’s network inspection driver This article describes how Windows Defender implements its network inspection feature in... 2021-07-13 07:00:00 | 阅读: 131 | 收藏 | blog.quarkslab.com callout windows network sockaddr security

RFID: Monotonic Counter Anti-Tearing Defeated Tear-off techniques to the next level. IntroductionFor this second post in collaboration... 2021-05-18 07:00:00 | 阅读: 76 | 收藏 | blog.quarkslab.com tearing incr 0x000000 ultralight slots

Audit of Session Secure Messaging Application Oxen [1] mandated Quarkslab to perform an audit of theirinstant messaging solution Session [... 2021-04-29 07:00:00 | 阅读: 142 | 收藏 | blog.quarkslab.com oxen github loki attacker quarkslab

Remote Denial-of-Service on CycloneTCP : CVE-2021-26788 This post is a quick vulnerability report summary for a vulnerability we found while fuzzing... 2021-04-13 07:00:00 | 阅读: 99 | 收藏 | blog.quarkslab.com cyclonetcp oryx infinite tcpoption

Analysis of a Windows IPv6 Fragmentation Vulnerability: CVE-2021-24086 In this blog post we analyze a denial of service vulnerability affecting the IPv6 stack... 2021-04-07 07:00:00 | 阅读: 93 | 收藏 | blog.quarkslab.com fragment fragments fffff801 frag ffffce0a

Extending Emuroot: support for Android 10 & 11 A quick introduction to Android Emuroot, a Python script that allows to get root privile... 2021-03-04 08:00:00 | 阅读: 126 | 收藏 | blog.quarkslab.com swapper 377 memory quarkslab comm