quarkslab

A modern tale of Blinkenlights, cheap Christmas shopping and curiosity, narrated by @npub1nmz5...wk86 Firmware extraction and reverse engineering of a smartwatch FTW!

A modern tale of blinkenlights - Quarkslab's blog

This blog post demonstrates how a modern variant of an hardware attack found in the 2000's allowed the extraction of a €12 smartwatch's firmware ...

Our 2025-2026 internship season has started. Check out the list of openings and apply for fun and knowledge!

Internship Offers for the 2025-2026 Season - Quarkslab's blog

The internship season is back at Quarkslab! Our internship positions cover a wide range of topics and expertise, and aim at tackling new challenges...

Finding a buggy driver is one thing, abusing it is another🧠 In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀 ➡️

BYOVD to the next level (part 2) — rootkit like it's 2025 - Quarkslab's blog

Bring Your Own Vulnerable Driver (BYOVD) is a well-known post-exploitation technique used by adversaries. This blog post is part of a series. In pa...

BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪 However, with the right primitives, you can do much more. Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver. 👇

BYOVD to the next level (part 1) — exploiting a vulnerable driver (CVE-2025-8061) - Quarkslab's blog

Bring Your Own Vulnerable Driver (BYOVD) is a well-known post-exploitation technique used by adversaries. This blog post is part of a series. We wi...

RTFM they say but if you read the manual and copy code examples from it you may inadvertently introduce vulns in your code 🙀 In April we audited the PHP code. Now we followed up with a review of the code snippets in PHP documentation and found 81 issues 👇

Security review of PHP documentation - Quarkslab's blog

The Open Source Technology Improvement Fund, Inc., engaged with Quarkslab to perform a security audit of the code snippets in the English version o...

Hacking & Barbecue in the south of France What could possibly be better? Barbhack 2025 starts this Saturday August 30th at the Palais des Congrès Neptune in Toulon We are giving away a ticket to a student nearby looking to live the experience. Send us a DM with your name and school. We will notify the winner tonight.

BARBHACK Hacking conference

BARBHACK is organized by a team of ethical hackers and cybersec professionals you already know, supported by HackerZVoice association