Securing every bit of your data
https://quarkslab.com
Quarkslab
Loading...
A hands-on look at Microsoft’s Independent Guest Virtual Machine (IGVM) format inside OpenHCL’s `openhcl.bin`.
We unpack the fixed header, variable headers, data layout, and how IGVM measurement supports Confidential Computing with SEV-SNP and TDX.
🔗 blog.quarkslab.com/the-igvm-fil...
Practical Android Software Protection in the Wild: An Appetizer
In which Eduardo Blazquez analyzes 2.5 million Android apps to identify and classify the obfuscators, packers and code protectors they use:
blog.quarkslab.com/practical-an...
Did you hear about Optical Line Terminals? ISPs rely on them to build their service networks, but what if they are vulnerable?
Here Mathieu Farrell shows how attackers could compromise entire ISPs by exploiting them and cloud-based fleet management software
blog.quarkslab.com/how-olts-may...
What happens when reverse engineers spend weeks poking at the Scala 3 codebase?
🔍 From code review to fuzzing, our assessment helped strengthen Scala's security.
The results of our audit, conducted in collaboration with @ostifofficial.bsky.social, are here:
blog.quarkslab.com/scala-securi...
BOLT is a static analysis tool, part of the LLVM compiler infrastructure, used to verify compiler security hardening options have been applied on a binary.
Thanks to @ostifofficial.bsky.social we've worked since November 2025 to improve it. Check our progress here:
blog.quarkslab.com/extending-ll...
Do you know how Entra ID applications work?
What about the security mess they can bring and what they can quietly break?
New blog post on Entra ID application permissions, the audit nightmare they create, and QAZPT, our OSS tool to actually make sense of it:
blog.quarkslab.com/auditing-app...
Obfuscation vs The Optimizer: A Battle in LLVM Middle End.
Robert Yates shows us how the continuous improvement of the LLVM optimizer defeats naive code obfuscation, and how the obfuscator can fight back.
An eternal fight in which all victories are ephemeral
blog.quarkslab.com/obfuscation-...
From prompt 😃to pwned 😢:
Implementing an LLM in your org? Useful.
Trusting its output? That's how a low-priv user became admin.
Ship the feature, don't extend it your trust.
blog.quarkslab.com/from-prompt-...
Paramiko is a pure-Python implementation of SSHv2. Recently, we worked with the Paramiko team on a security audit sponsored by @ostifofficial.bsky.social 🙏
Read a summary of our findings and find the full report here:
blog.quarkslab.com/paramiko-sec...
This article presents the structure of the Independent Guest Virtual Machine (IGVM) file format, a binary file designed to define and securely launch the initial state of a virtual machine. It bundles...
The Scala team has partnered with the Open Source Technology Improvement Fund (OSTIF) to conduct its first security audit. This initiative aims to identify potential vulnerabilities through static and...
The Open Source Technology Improvement Fund (OSTIF) commissioned Quarkslab to extend the BOLT-based static binary analyser in LLVM to support additional compiler flags for security hardening. This wor...
The OSTIF collaborated with Quarkslab to conduct a security audit of Paramiko, a pure-Python implementation of SSHv2 that provides both client- and server-side functionality. Given the sensitivity and...
