quarkslab/conf-presentations

GitHub: quarkslab/conf-presentations

Quarkslab 公司历年安全会议演讲与论文资料合集，涵盖逆向工程、嵌入式安全、密码学、漏洞研究等多个安全领域。

Stars: 317 | Forks: 34

## 目录 - [Quarkslab 会议与研讨会演讲](#quarkslab-lectures-at-conferences-and-seminars) - [Quarkslab 期刊、会议论文集及预印本出版物](#quarkslab-publications-in-journals-or-conference-proceedings-and-preprints) - [Quarkslab 专业杂志出版物](#quarkslab-publications-in-specialized-magazines) - [Quarkslab 硬件 CTF](#quarkslab-hardware-ctfs) ## Quarkslab 会议与研讨会演讲 ### 2026 - 2026-03: [Hash All The Things / Get All the Sig(s) - Introducing Sighthouse for Seamless Function Detection 🖥️](Confs/REverse-26/Reverse26.pdf) 于 *[RE//verse 2026](https://re-verse.io/index.html)* ### 2025 - 2025-10: [T'as vu mes docs ? Je les fais avec typst ! 🖥️](Confs/VolCamp25/Typst_pres.pdf)[📽️](https://www.youtube.com/watch?v=XyFN6EywEPw) 于 *[Volcamp](https://www.volcamp.io/)* - 2025-09: [Bypassing ASLR on MIPS32 using simple mathematics 🖥️](Confs/WineRump25/BypassingASLRonMIPS32.pdf) 于 *[Wine Rump](https://rump.wine/)* - 2025-09: [Bluetooth Low Energy hacking with WHAD 🖥️](Confs/BruCon25/lehack25_fun-with-watches_dcauquil_xilokar.pdf) 工作坊于 *[BruCon](https://www.brucon.org/)* - 2025-07: [Experimental Study of Binary Diffing Resilience on Obfuscated Programs 🖥️](Confs/DIMVA25/dimva-slides-25.pdf)[📜](Confs/DIMVA25/dimva-25.pdf) 于 *[22nd Conference on Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA 2025](https://dimva.org/dimva2025/)* - 2025-07: [The Last Resort: Debugging Embedded Systems with Unconventional Methods 🖥️](Confs/PTS25/PTS2025-TALK-01-debugging_embedded.pdf)[📽️](https://passthesalt.ubicast.tv/videos/the-last-resort-debugging-embedded-systems-with-unconventional-methods-trimmed/) 于 *[Pass the SALT 2025](https://2025.pass-the-salt.org/)* - 2025-07: [Bluetooth Low Energy hacking with WHAD 🖥️](Confs/PTS25/lehack25_fun-with-watches_dcauquil_xilokar.pdf) 工作坊于 *[Pass the SALT 2025](https://2025.pass-the-salt.org/)* - 2025-07: [Wirego, a Wireshark plugin development framework 🖥️](Confs/PTS25/PTS2025-TALK-14-Wirego.pdf)[📽️](https://passthesalt.ubicast.tv/videos/wirego-a-wireshark-plugin-development-framework-trimmed/) 于 *[Pass the SALT 2025](https://2025.pass-the-salt.org/)* - 2025-07: [Apkpatcher: Reverse Engineering and Modifying Android Applications Without Rooting 🖥️](Confs/PTS25/APKPatcher.pdf) 工作坊于 *[Pass the SALT 2025](https://2025.pass-the-salt.org/APKPatcher.pdf)* - 2025-06: [Abusing Domestic EV Chargers through Bluetooth and USB 🖥️](Confs/Recon25/Recon25-Abusing-EV-Chargers-rmori-rdavid-achazal.pdf) 于 *[Recon.cx 2025](https://recon.cx/2025/)* - 2025-06: [Apkpatcher: Reverse Engineering and Modifying Android Applications Without Rooting 🖥️](Confs/LeHack25/APKPatcher.pdf) 工作坊于 *[LeHack 2025](https://lehack.org/)* - 2025-06: [The Last Resort: Debugging Embedded Systems with Unconventional Methods 🖥️](Confs/LeHack25/PTS2025-TALK-01-debugging_embedded.pdf) 于 *[LeHack 2025](https://lehack.org/)* - 2025-06: [Fun with watches: hacking a 12€ smartwatch with Bluetooth Low Energy and 3 wires 🖥️](Confs/LeHack25/lehack25_fun-with-watches_dcauquil_xilokar.pdf) 于 *[LeHack 2025](https://lehack.org/)* - 2025-06: [Pyrrha & Friends: Diving into Firmware Cartography 🖥️](Confs/SSTIC25/SSTIC2025-Slides-pyrrha_diving_into_firmware_cartography-brocas_david.pdf)[📽️](https://static.sstic.org/videos2025/1080p/pyrrha_diving_into_firmware_cartography.mp4) 于 *[SSTIC 2025](https://www.sstic.org/2025/programme/)* - 2025-06: [We Have A Deal: we provide the lego bricks, you build cool wireless attacks 🖥️](Confs/SSTIC25/SSTIC2025-Slides-we_have_a_deal_we_provide_the_lego_bricks_you_build_cool_wireless_attacks-cauquil_cayre.pdf)[📜](Confs/SSTIC25/SSTIC2025-Article-we_have_a_deal_we_provide_the_lego_bricks_you_build_cool_wireless_attacks-cauquil_cayre.pdf)[📽️](https://static.sstic.org/videos2025/1080p/we_have_a_deal_we_provide_the_lego_bricks_you_build_cool_wireless_attacks.mp4) 于 *[SSTIC 2025](https://www.sstic.org/2025/programme/)* - 2025-06: [Wirego - Un framework de développement de plugins Wireshark 🖥️](Confs/SSTIC25/SSTIC2025-Slides-wirego_un_framework_de_developpement_de_plugins_wireshark-girard.pdf)[📜](Confs/SSTIC25/SSTIC2025-Article-wirego_un_framework_de_developpement_de_plugins_wireshark-girard.pdf)[📽️](https://static.sstic.org/videos2025/1080p/wirego_un_framework_de_developpement_de_plugins_wireshark.mp4) 于 *[SSTIC 2025](https://www.sstic.org/2025/programme/)* - 2025-06: [apkpatcher : Fast analysis and modification to Android applications without root access or emulation 🖥️](Confs/SSTIC25/SSTIC2025-Slides-apkpatcherv2-forgette.pdf)[📽️](https://static.sstic.org/videos2025/1080p/apkpatcherv2.mp4) 于 *[SSTIC 2025](https://www.sstic.org/2025/programme/)* - 2025-05: [Spyware for Rent & The World of Offensive Cyber 🖥️](Confs/Off-By-One-2025/25-05-08-OffbyOne-Spyware-to-rent-and-offensive-world-reloaded.pdf)[📽️](https://www.youtube.com/watch?v=GaR1QVuvhkU) 于 *[Off-by-One 2025](https://offbyone.sg/agenda/)* - 2025-05: [S.H.I.E.L.D: Scudo Heap Implementation Exploits, Leaks, and Defenses 🖥️](Confs/Off-By-One-2025/25-05-08-OffByOne-SHIELD-Scudo-Heap-Implementation-Exploits-Leaks-Defenses.pdf)[📽️](https://www.youtube.com/watch?v=1BqFyOgGN2M) 于 *[Off-by-One 2025](https://offbyone.sg/agenda/)* - 2025-04: [Test your Cryptographic Primitives with Crypto-Condor 🖥️](Confs/RealWorldCrypto-Paris/2025-04-29-rwcp_jloayza_crypto_condor.pdf) 于 *[Real World Cryptography Paris Meetups](https://cryptography.paris/)* - 2025-04: [One for all and all for WHAD: wireless shenanigans made easy ! 🖥️](Confs/THCon25/thcon-cauquil-cayre-keynote.pdf)[📽️](https://www.youtube.com/live/rqKiDgecRwM?si=u-rcSvi2O-uI7Bbh&t=17557) 于 *[THCon 2025](https://thcon.party/)* - 2025-03: [0day in CTF is cool, no? (Writeup PwnMe 2025) 🖥️](Confs/HTBFrance2025/Meetup%20HTB%20France%20-%200day%20in%20CTF%20is%20cool%20-%20Writeup%20PwnMe%202025.pdf) 于 *[Meetup Hack The Box France](https://www.meetup.com/hack-the-box-meetup-france/events/306897502/)* - 2025-03: [Streamlining Firmware Analysis with Inter-Image Call Graphs and Decompilation 🖥️](Confs/REverse-25/REverse_firmware_analysis_2025.pdf)[📽️](https://www.youtube.com/watch?v=LsDnrfZt_Xs) 于 *[RE/verse.io 2025](https://re-verse.io)* ### 2024 - 2024-12: [Identifying Obfuscated Code through Graph-Based Semantic Analysis of Binary Code 🖥️](Confs/ComplexNetworks2024/complexnetworks2024_slides.pdf)[📜](Confs/ComplexNetworks2024/complexnetworks2024_paper.pdf) 于 *[Complex Networks 2024](https://complexnetworks.org/)* - 2024-12: [*特邀演讲：* MIFARE Classic: exposing the static encrypted nonce variant... and a few hardware backdoors 📽️](https://www.youtube.com/watch?v=uw8N4IhQc0s) 于 *[COSIC Seminar, KUL](https://www.esat.kuleuven.be/cosic/cosic-seminars/)* - 2024-12: [Faster Signatures from MPC-in-the-Head 📜](https://eprint.iacr.org/2024/252.pdf) 于 *[Asiacrypt 2024](https://asiacrypt.iacr.org/2024/)* - 2024-11: [*特邀演讲：* MIFARE Classic: exposing the static encrypted nonce variant... and a few hardware backdoors 🖥️](Confs/C%26ESAR-2024/2024-11-21-mifare-pteuwen-ecw-cesar.pdf)[📜](https://2024.cesar-conference.org/program-media/CESAR-2024_keynote-MiFare.pdf)[📽️](https://2024.cesar-conference.org/program-media/CESAR-2024_6-2_keynote-MiFare.webm) 于 *[C&ESAR 2024 by DGA](https://2024.cesar-conference.org/detailed-program/)* - 2024-11: [Improving binary diffing through similarity and matching intricacies 🖥️](Confs/CAID-2024/CAID24_raffinement_diffing_binaire_slides.pdf)[📜](Confs/CAID-2024/CAID24_raffinement_diffing_binaire_paper.pdf) 于 *[CAID: Conference on Artificial Intelligence for Defense](https://caid-conference.eu)* - 2024-11: [*特邀演讲：* MIFARE Classic: exposing the static encrypted nonce variant 🖥️](Confs/GreHack2024/2024-11-15-mifare-pteuwen-grehack.pdf)[📽️](https://www.youtube.com/watch?v=SJTiuk4gxhc) 于 *[Grehack 2024](https://grehack.fr/)* - 2024-10: [Bluetooth Low Energy GATT Fuzzing: from specification to implementation 🖥️](Confs/Hardweario-NL-2024/2024-10-25-ble-gatt-fuzzing-bboyer.pdf)[📜](Confs/Hardweario-NL-2024/2024-10-25-ble-gatt-fuzzing-paper-bboyer.pdf)[📽️](https://www.youtube.com/watch?v=L2ocCDl5e1g) 于 *[Hardwear.io NL 2024](https://hardwear.io/netherlands-2024/)* - 2024-10: [MIFARE Classic: exposing the static encrypted nonce variant 🖥️](Confs/Hardweario-NL-2024/2024-10-24-mifare-pteuwen.pdf)[📽️](https://www.youtube.com/watch?v=rdH4dbshGUU) 于 *[Hardwear.io NL 2024](https://hardwear.io/netherlands-2024/)* - 2024-10: [Spyware for Rent 🖥️](Confs/Les%20Assises%20-%202024/24-10-10-Monaco-Spyware-to-rent.pdf) 于 *[Les Assises 2024](https://www.lesassisesdelacybersecurite.com/fr-FR/le-programme/le-deroule-des-4-jours)* - 2024-08: [De 'branch' en 'branch' : récupération d'un FW d'ECU sur une mémoire FAT 'nettoyée' 🖥️](Confs/Barbhack24/Barbhack_2024_De_branch_en_branch.pdf) 于 *[Barbhack 2024](https://www.barbhack.fr/2024/en/)* - 2024-08: [One for all and all for WHAD: wireless shenanigans made easy ! 🖥️](Confs/DefCon2024/dc32-cauquil-cayre-One_for_all_and_all_for_whad-v4.pdf)[📽️](https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20video%20and%20slides/DEF%20CON%2032%20-%20One%20for%20All%20-%20and%20All%20for%20WHAD%20-%20wireless%20shenanigans%20made%20easy%20-%20Romain%20Cayre%2C%20Damien%20Cauquil.mp4) 于 *[DEF CON 32](https://defcon.org/html/defcon-32/dc-32-speakers.html#54472)* - 2024-08: [Attacking Samsung Galaxy A * Boot Chain, and Beyond 🖥️](Confs/BlackHat-USA-24/BH-USA-2024_Attacking-Samsung.pdf) 于 *[Black Hat USA 2024](https://www.blackhat.com/us-24/briefings/schedule/index.html#attacking-samsung-galaxy-a-boot-chain-and-beyond-38526)* - 2024-07: [Prism, a light BEAM disassembler 🖥️](Confs/LeHack24/lehack24-dcauquil-prism-light-beam-disassembler.pdf) 于 *[LeHack 2024](https://lehack.org/)* - 2024-07: [Analysing malicious documents and files with oletools 🖥️](Confs/PTS24/PTS2024-TALK-19-oletools.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2024-analysing-malicious-documents-and-files-with-oletools/) 于 *[Pass the SALT 2024](https://cfp.pass-the-salt.org/pts2024/schedule/#)* - 2024-07: [Rump: Passbolt: a bold use of HaveIBeenPwned 🖥️](Confs/PTS24/PTS2024-RUMP-14_Passbolt_Teuwen.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2024-rump-14-passbolt-a-bold-use-of-haveibeenpwned/) 于 *[Pass the SALT 2024](https://cfp.pass-the-salt.org/pts2024/schedule/#)* - 2024-07: [Rump: How to download large datasets of files using CommonCrawl 🖥️](Confs/PTS24/PTS2024-RUMP-11-CommonCrawl_Lagadec.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2024-rump-11-how-to-download-large-datasets-of-files-using-commoncrawl/) 于 *[Pass the SALT 2024](https://cfp.pass-the-salt.org/pts2024/schedule/#)* - 2024-07: [Hydradancer, using USB3 to improve USB hacking with Facedancer 🖥️](Confs/PTS24/PTS2024-TALK-15-Hydradancer_using_usb3_to_improve_facedancer.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2024-hydradancer-using-usb3-to-improve-usb-hacking-with-facedancer/) 于 *[Pass the SALT 2024](https://cfp.pass-the-salt.org/pts2024/schedule/#)* - 2024-07: [Test your cryptographic primitives with crypto-condor 🖥️](Confs/PTS24/PTS2024-TALK-14-Crypto-condor.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2024-test-your-cryptographic-primitives-with-crypto-condor/) 于 *[Pass the SALT 2024](https://cfp.pass-the-salt.org/pts2024/schedule/#)* - 2024-07: [Prism, a light BEAM disassembler 🖥️](Confs/PTS24/PTS2024-TALK-05-BEAM-disassembler.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2024-prism-a-light-beam-disassembler/) 于 *[Pass the SALT 2024](https://cfp.pass-the-salt.org/pts2024/schedule/#)* - 2024-06: [Attacking the Samsung Galaxy Boot Chain 🖥️](Confs/Off-By-One-2024/Off-By-One-2024_Attacking_Samsung.pdf) 于 *[Off-by-One 2024](https://offbyone.sg/agenda/)* - 2024-06: [Belenios: the Certification Campaign 🖥️](Confs/SSTIC24/SSTIC2024-Slides-belenios_the_certification_campaign-bossuat_brocas_kovacs_gaudry_glondu_cortier.pdf)[📜](Confs/SSTIC24/SSTIC2024-Article-belenios_the_certification_campaign-bossuat_brocas_kovacs_gaudry_glondu_cortier.pdf)[📽️](https://static.sstic.org/videos2024/1080p/belenios_the_certification_campaign.mp4) 于 *[SSTIC 2024](https://www.sstic.org/2024/programme/)* - 2024-06: [Tame the (q)emu: debug firmware on custom emulated board 🖥️](Confs/SSTIC24/SSTIC2024-Slides-tame_the_qemu_debug_firmware_on_custom_emulated_board-cauquil.pdf)[📜](Confs/SSTIC24/SSTIC2024-Article-tame_the_qemu_debug_firmware_on_custom_emulated_board-cauquil_gwqDg32.pdf)[📽️](https://static.sstic.org/videos2024/1080p/tame_the_qemu_debug_firmware_on_custom_emulated_board.mp4) 于 *[SSTIC 2024](https://www.sstic.org/2024/programme/)* - 2024-06: [PyAxml 🖥️](Confs/SSTIC24/SSTIC2024-Slides-pyaxml-forgette.pdf)[📽️](https://static.sstic.org/videos2024/1080p/pyaxml.mp4) 于 *[SSTIC 2024](https://www.sstic.org/2024/programme/)* - 2024-06: [When Samsung meets Mediatek: the story of a small bug chain 🖥️](Confs/SSTIC24/SSTIC2024-Slides-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf)[📜](Confs/SSTIC24/SSTIC2024-Article-when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain-rossi-bellom_neveu.pdf)[📽️](https://static.sstic.org/videos2024/1080p/when_vendor1_meets_vendor2_the_story_of_a_small_bug_chain.mp4) 于 *[SSTIC 2024](https://www.sstic.org/2024/programme/)* - 2024-06: [QBinDiff: A modular differ to enhance binary diffing and graph alignment 🖥️](Confs/SSTIC24/SSTIC2024-Slides-qbindiff_a_modular_differ-rossi_yger_mori_david_cohen.pdf)[📽️](https://static.sstic.org/videos2024/1080p/qbindiff_a_modular_differ.mp4) 于 *[SSTIC 2024](https://www.sstic.org/2024/programme/)* - 2024-06: [Testez vos primitives cryptographiques avec crypto-condor 🖥️](Confs/SSTIC24/SSTIC2024-Slides-testez_vos_primitives_cryptographiques_avec_crypto_condor-bossuat_goudarzi_loayza-meneses.pdf)[📽️](https://static.sstic.org/videos2024/1080p/testez_vos_primitives_cryptographiques_avec_crypto_condor.mp4) 于 *[SSTIC 2024](https://www.sstic.org/2024/programme/)* - 2024-05: [Numbat/Pyrrha: Naviguez facilement dans les binaires de votre système 🖥️](Confs/ESE24/slides.pdf) 于 *[ESIEA Secure Edition 2024](https://ese.esiea.fr/)* - 2024-05: [Finding low-hanging fruits vulnerabilities in a commercial antivirus 🖥️](Confs/StHack24/slides_sthack_2024_v1.8.pdf) 于 *[StHack 2024](https://www.sthack.fr/)* - 2024-05: [Attacking the Samsung Galaxy A * Boot Chain 🖥️](Confs/OffensiveCon24/AttackingSamsung.pdf)[📽️](https://www.youtube.com/watch?v=WJ7wkJn7l7w) 于 *[OffensiveCon 2024](https://www.offensivecon.org/agenda/2024.html)* 2024-04: [PASTIS: Fuzzing tool competition 🖥️](Confs/SBFT-ICSE-24/SBFT-2024-pastis-tool.pdf) 于 *[SBFT 2024](https://sbft24.github.io/program/)* - 2024-03: [Finding low-hanging fruits vulnerabilities in a commercial antivirus 🖥️](Confs/HSR2024/slides_HSR_2024_Diawara.pdf) 于 *[HackSecuReims 2024](https://www.hacksecureims.eu/conferences.html)* - 2024-03: [How automatisation can improve firmware analysis? 🖥️](Confs/InCyber24/fic-24-firmware-analysis.pdf) 于 *[Forum InCyber 2024](https://fic.app.swapcard.com/widget/event/forum-incyber-2024/planning/UGxhbm5pbmdfMTgxMjc2Mw==)* - 2024-03: [Spyware for Rent 🖥️](Confs/NullCon2024/24-03-15-Nullcon-Spyware-to-rent.pdf)[📽️](https://www.youtube.com/watch?v=D-nT0Uojr1s) 于 *[NullCon 2024](https://nullcon.net/berlin-2024/speaker-the-world-of-spyware-for-rent)* - 2024-01: [FCSC Chaussette - A Triton showcase 🖥️](Confs/Ambrosia2024/2024-Ambrosia-FCSC-Chaussette-a-Triton-showcase.pdf) 于 *[Ambrosia 2024](https://web.archive.org/web/20240304004251/https://esnhack.fr/articles/article?id=7)* ### 2023 - 2023-11: [Google Apps Script - this talk requires access to your e-mails 🖥️](Confs/GreHack2023/GreHack2023_Google_Apps_Script-v1.0.pptx)[📽️](https://www.youtube.com/watch?v=mHJ1xjH-pq0) 于 *[GreHack 2023](https://grehack.fr/2023/program)* - 2023-11: [Breaking Secure Boot on the Silicon Labs Gecko platform 🖥️](Confs/Ekoparty2023/2023-11-03-ekoparty-gecko_bootloader-fenrisfulsur.pdf)[📽️](https://www.youtube.com/watch?v=bWO9pIWd_Ok) 于 *[Ekoparty 2023](https://ekoparty.org/eko2023-agenda/breaking-secure-boot-on-the-silicon-labs-gecko-platform/)* - 2023-11: [Breaking Secure Boot on the Silicon Labs Gecko platform 🖥️](Confs/Hardweario-NL-2023/2023-11-03-hwio_nl-gecko_bootloader-madsquirrel.pdf)[📽️](https://www.youtube.com/watch?v=WgXw6GgYz78) 于 *[Hardwear.io NL 2023](https://hardwear.io/netherlands-2023/speakers/beno%C3%AEt-and-sami.php)* - 2023-11: [Dissecting the Modern Android Data Encryption Scheme 🖥️](Confs/Hardweario-NL-2023/HWIO23-Android-FBE-mrossibellom-dmelotti.pdf)[📽️](https://www.youtube.com/watch?v=I7_8OMcWPHg) 于 *[Hardwear.io NL 2023](https://hardwear.io/netherlands-2023/speakers/maxime-and-damiano.php)* - 2023-11: [On the All UR are to be considered harmful for fun and profit is the new cool trick, hackers hate it. Redux. 🖥️](Confs/Ekoparty2023/2023-11-01-ekoparty-keynote-iarce.pdf)[📽️](https://www.youtube.com/watch?v=YIcW7hnhBBE) 于 *[Ekoparty 2023](https://ekoparty.org/eko2023-agenda/keynote)* - 2023-10: [Intel SGX assessment methodology 🖥️](Confs/AzureConfidentialComputing/AzureConfidentialComputing-IntelSGX-BlindAI-audit.pdf) 于 *[Azure Confidential Computing 2023](https://msevents.microsoft.com/event?id=4051068126)* - 2023-10: [Pyrrha: navigate easily into your system binaries 🖥️](Confs/HackLu23/pyrrha.pdf)[📽️](https://www.youtube.com/watch?v=-dMl-SvQl4k) 于 *[Hack.lu 2023](https://pretalx.com/hack-lu-2023/talk/WVFPNK/)* - 2023-09: [Fuzzing ntop 🖥️](Confs/ntopconf-2023/ntopconf-2023-fuzzing-ntop-rmori.pdf)[📽️](https://www.youtube.com/watch?v=ryEY4oslFK0) 于 *[ntopconf 2023](https://www.ntop.org/ntopconf2023/)* - 2023-08: [Introduction au CarHacking Comment construire sa “Car-in-a-box” 🖥️](Confs/Barbhack23/Barbhack_2023_Workshop_Car_in_a_Box.pdf) 工作坊于 *[Barbhack 2023](https://www.barbhack.fr/2023/en/conferences.html)* - 2023-08: [Emulation de périphérique USB-ETH pour l'audit IoT/Automotive 🖥️](Confs/Barbhack23/Barbhack_2023_QB_Emulation_USB-ETH.pdf) 于 *[Barbhack 2023](https://www.barbhack.fr/2023/en/conferences.html)* - 2023-07: [Map your Firmware! 🖥️](Confs/PTS23/PTS2023-Talk-14-Pyrrha-map-your-firmware.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2023-map-your-firmware/) 于 *[Pass the SALT 2023](https://cfp.pass-the-salt.org/pts2023/talk/9H8FH3/)* - 2023-07: [For Science! - Using an Unimpressive Bug in EDK II To Do Some Fun Exploitation 🖥️](Confs/PTS23/PTS2023-Talk-03-EDK2.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2023-for-science-using-an-unimpressive-bug-in-edk-ii-to-do-some-fun-exploitation/) 于 *[Pass the SALT 2023](https://cfp.pass-the-salt.org/pts2023/talk/L38TN3/)* - 2023-07: [Vulnerabilities in the TPM 2.0 reference implementation code 🖥️](Confs/PTS23/PTS2023-Talk-01-Vuln-in-TPM2-reference-implementation.pdf)[📽️](https://passthesalt.ubicast.tv/videos/2023-vulnerabilities-in-the-tpm-20-reference-implementation-code/) 于 *[Pass the SALT 2023](https://cfp.pass-the-salt.org/pts2023/talk/9ZDVHG/)* - 2023-06: [Parasitizing servers for fun and profit 🖥️](Confs/LeHack23/cauquil-Parasitizing_servers_for_fun_and_profit.pdf)[📽️](https://www.youtube.com/watch?v=3MXz4e4Qat0) 于 *[LeHack 2023](https://lehack.org/2023/tracks/conferences/#_696)* - 2023-06: [Vulnerabilities in the TPM 2.0 Reference Implementation Code 🖥️](Confs/Troopers23/Troopers-Falcon-VulnerabilitiesintheTPMReferenceImplementationCode.pdf)[📽️](https://www.youtube.com/watch?v=GwK7YRT2V70) 于 *[Troopers 2023](https://troopers.de/troopers23/talks/swfcuf/)* - 2023-06: [Google Apps Script 🖥️](Confs/ESE23/ESE_Google_Apps_Script-v1.0.pdf) 于 *[ESIEA Secure Edition 2023](https://web.archive.org/web/20230607211806/https://ese.esiea.fr/)* - 2023-06: [Who evaluates the evaluators ? 🖥️](Confs/WRACH2023/WRACH2023-who-evaluates-evaluators-slides-mvideau.pdf)[📜](https://wrach2023.sciencesconf.org/484191/document) 于 *[WRACH 2023](https://wrach2023.sciencesconf.org/484191)* - 2023-06: [Dissecting the Modern Android Data Encryption Scheme 🖥️](Confs/Recon23/Recon23-Android-FBE-mrossibellom-dmelotti.pdf)[📽️](https://www.youtube.com/watch?v=unRFQhkK1DE) 于 *[Recon 2023](https://cfp.recon.cx/2023/talk/3NQUNN/)* - 2023-06: [Trace-based approach to compiler debugging 🖥️](Confs/GDRGPL23/pres.pdf) 于 *[GDR GPL National Days 2023](https://gdrgpl2023.sciencesconf.org/program?lang=fr)* - 2023-06: [Exploring OpenSSL Engines to Smash Cryptography 🖥️](Confs/SSTIC23/SSTIC2023-Slides-exploring_openssl_engines_to_smash_cryptography-goudarzi_valadon.pdf)[📜](Confs/SSTIC23/SSTIC2023-Article-exploring_openssl_engines_to_smash_cryptography-goudarzi_valadon.pdf)[📽️](https://static.sstic.org/videos2023/1080p/exploring_openssl_engines_to_smash_cryptography.mp4) 于 *[SSTIC 2023](https://www.sstic.org/2023/programme/)* - 2023-06: [peetch: an eBPF based Networking Tool 🖥️](Confs/SSTIC23/SSTIC2023-Slides-peetch-valadon.pdf)[📽️](https://static.sstic.org/videos2023/1080p/peetch.mp4) 于 *[SSTIC 2023](https://www.sstic.org/2023/programme/)* - 2023-06: [Rétro-ingénierie et détournement de piles protocolaires embarquées 🖥️](Confs/SSTIC23/SSTIC2023-Slides-reverse_de_piles_protocolaires_embarquees_esp32-cauquil_cayre.pdf)[📜](Confs/SSTIC23/SSTIC2023-Article-reverse_de_piles_protocolaires_embarquees_esp32-cauquil_cayre.pdf)[📽️](https://static.sstic.org/videos2023/1080p/reverse_de_piles_protocolaires_embarquees_esp32.mp4) 于 *[SSTIC 2023](https://www.sstic.org/2023/programme/)* - 2023-05: [ESPwn32: Hacking with ESP32 System-on-Chips 🖥️](Confs/WOOT-2023/22-ESPwn32_Hacking_with_ESP32_SoCs.pdf)[📜](Confs/WOOT-2023/woot23-paper22.pdf)[📽️](https://www.youtube.com/watch?v=e5gSdk7Av5s) 于 *[WOOT 2023](https://wootconference.org/)* - 2023-05: [Emulating RH850 for fun and vulnerability research 🖥️](Confs/QPSS2023/QPSS2023-Emulating_Renesas_RH850-dcauquil-slides.pdf) 于 *[QPSS2023](https://web.archive.org/web/20231207014401/https://qcbizdev.my.salesforce-sites.com/QCTConference/GenericSitePage?eventname=SecuritySummit&page=Summit+Schedule)* - 2023-05: [PASTIS - A Collaborative Approach to Combine Heterogeneous Software Testing Techniques 🖥️](Confs/SBFT-ICSE-23/SBFT2023-PASTIS-rdavid.pdf)[📜](Confs/SBFT-ICSE-23/SBFT2023-PASTIS-paper-rdavid.pdf) 于 *[SBFT2023](https://conf.researchr.org/program/icse-2023/program-icse-2023/)* - 2023-05: [For Science! - Using an Unimpressive Bug in EDK II To Do Some Fun Exploitation 🖥️](Confs/Sthack23/uefi_tcg2smm.pdf)[📽️](https://www.youtube.com/watch?v=SjFTqqiHVBE) 于 *[StHack 2023](https://web.archive.org/web/20230609121314/https://www.sthack.fr/)* - 2023-05: [Trying to break randomness with statistics in less than 5minutes 🖥️](Confs/Sthack23/brocas_forgette_pwn2own_sthack23.pdf) 于 *[StHack 2023](https://web.archive.org/web/20230609121314/https://www.sthack.fr/)* - 2023-04: [Reflections on Supply chain security 🖥️](Confs/CERT2023/20230424-CERTvendors-conf-Reflections_on_Supply-chain_security-iarce.pdf) 于 *CERT Vendor Conference 2023* - 2023-04: [Weaponizing ESP32 RF Stacks 🖥️](Confs/THCon23/THCon23-Cayre-Cauquil-Weaponizing-ESP32-RF-stacks.pdf)[📽️](https://www.youtube.com/live/Mks2pZ4Subw?feature=share&t=13005) 于 *[THCon 2023](https://23.thcon.fr/events/#rcdc)* - 2023-03: [Whatever Pown2own 🖥️](Confs/INS23/Whatever_Pown2own.pdf)[📽️](https://www.youtube.com/watch?v=sQDo7222anM) 于 *[Insomni'hack 2023](https://www.insomnihack.ch/talks-2023/#UNGDNR)* - 2023-03: [Traceability of the compilation process 🖥️](Confs/CLAP-HiFi-LVP-2023/pres-clap.pdf) 于 *[CLAP-HiFi-LVP 2023](https://clap-hifi-lvp-2023.sciencesconf.org/program)* ### 2022 - 2022-11: [Attack on Titan M, Reloaded: Vulnerability Research on a Modern Security Chip 🖥️](Confs/Ekoparty2022/Ekoparty2022%20Attack%20on%20Titan%20M%20Reloaded%20-%20Melotti.pdf)[📽️](https://www.youtube.com/watch?v=AKTjhjrUEKw) 于 *[Ekoparty 2022](https://web.archive.org/web/20221201095304/https://www.ekoparty.org/en_US/main-track-talks-2022)* - 2022-11: [kdigger 📽️](https://www.youtube.com/watch?v=qzATiPrr9EE) 于 *[DefCon Paris meetup](https://defconparis.org/index.php/2022/10/18/2022-nov-21/)* - 2022-11: [Quokka - A Fast and Accurate Binary Exporter 🖥️](Confs/GreHack2022/Quokka-achallande-2022.pdf)[📽️](https://www.youtube.com/watch?v=3kbAW1LbsAo) 于 *[Grehack 2022](https://grehack.fr/2022/program)* - 2022-10: [From Offensive to Defensive Security 🖥️](Confs/Les%20Assises%20-%202022/From%20Offensive%20to%20Defensive%20Security.pdf) 于 *[Les Assises 2022](https://www.lesassisesdelacybersecurite.com/Le-Programme/Le-deroule-des-4-jours)* - 2022-10: [A journey of fuzzing Nvidia graphic driver leading to LPE exploitation 🖥️](Confs/Hexacon-2022/fuzzing_NVIDIA_drivers-tdore.pdf)[📽️](https://www.youtube.com/watch?v=ffBuY7ON57g) 于 *[Hexacon 2022](https://2022.hexacon.fr/)* - 2022-09: [Symbolic Execution the Swiss-Knife of the Reverse Engineering Toolbox 🖥️](Confs/KLEE-Workshop-2022/2022-09-klee-workshop-rdavid.pdf)[📽️](https://www.youtube.com/watch?v=PNbNtTa5Sp4) 于 *[KLEE Workshop 2022](https://srg.doc.ic.ac.uk/klee22/schedule.html)* - 2022-08: [Attack on Titan M, Reloaded 🖥️](Confs/BlackHat-USA-22/US-22-Melotti-Attack-on-Titan-M-Reloaded.pdf)[📽️](https://www.youtube.com/watch?v=bCjkAkXiwK4) 于 *[Black Hat USA 2022](https://www.blackhat.com/us-22/briefings/schedule/#attack-on-titan-m-reloaded-vulnerability-research-on-a-modern-security-chip-27330)* - 2022-07: [kdigger - Kubernetes focused container assessment and context discovery tool for penetration testing 🖥️](Confs/PTS22/PTS2022-Talk-22-kdigger.pdf)[📽️](https://archives.pass-the-salt.org/Pass%20the%20SALT/2022/videos/PTS2022-Talk-22-kdigger-a-context-discovery-tool-for-kubernetes-penetration-testing.mp4) 于 *[Pass the SALT 2022](https://cfp.pass-the-salt.org/pts2022/talk/EQ8QFD/)* - 2022-07: [Binbloom Reloaded 🖥️](Confs/PTS22/PTS2022-Talk-12-Binbloom-reloaded.pdf)[📽️](https://archives.pass-the-salt.org/Pass%20the%20SALT/2022/videos/PTS2022-Talk-12-binbloom-reloaded.mp4) 于 *[Pass the SALT 2022](https://cfp.pass-the-salt.org/pts2022/talk/VXNE8H/)* - 2022-07: [Mattermost End-to-End Encryption Plugin 🖥️](Confs/PTS22/PTS2022-Talk-01-Mattermost-e2ee-plugin.pdf)[📽️](https://archives.pass-the-salt.org/Pass%20the%20SALT/2022/videos/PTS2022-Talk-01-mattermost-end-to-end-encryption-plugin.mp4) 于 *[Pass the SALT 2022](https://cfp.pass-the-salt.org/pts2022/talk/KTMCGR/)* - 2022-06: [Attack on Titan M: Vulnerability Research on a Modern Security Chip 🖥️](Confs/Troopers22/Melotti-RossiBellom_TitanM.pdf)[📽️](https://www.youtube.com/watch?v=clhzUGcx47A) 于 *[Troopers 2022](https://troopers.de/troopers22/agenda/tr22-1081-attack-on-titan-m-vulnerability-research-on-a-modern-security-chip/)* - 2022-06: [So you hacked a WiFi router, and now what? 📽️](https://www.youtube.com/watch?v=bbZvIXU4laI) 于 *[LeHack 2022](https://2022.lehack.org/fr/planning/category_talk.html)* - 2022-06: [Augmenter votre résistance aux malwares en recyclant vos vielles machines en stations blanches et plus si affinités 📽️](https://www.youtube.com/watch?v=WT4e48LF3mE) 于 *[FIC 2022](https://web.archive.org/web/20230323232415/https://2022.forum-fic.com/programme-2022/)* - 2022-06: [TPM is not the holy way 🖥️](Confs/SSTIC22/SSTIC2022-Slides-tpm_is_not_the_holy_way-forgette.pdf)[📜](Confs/SSTIC22/SSTIC2022-Article-tpm_is_not_the_holy_way-forgette.pdf)[📽️](https://static.sstic.org/videos2022/1080p/tpm_is_not_the_holy_way.mp4) 于 *[SSTIC 2022](https://www.sstic.org/2022/programme/)* - 2022-06: [Binbloom v2 - Ceci est une (r)evolution 🖥️](Confs/SSTIC22/sstic22-binbloom-v2.pdf)[📽️](https://static.sstic.org/videos2022/1080p/binbloom_v2.mp4) 于 *[SSTIC 2022](https://www.sstic.org/2022/programme/)* - 2022-05: [Hackers, Reprenez Le Contrôle Des Objets Connectés ! 📽️](https://vimeo.com/730352388) 于 *[Mixit 2022](https://mixitconf.org/2022/hackers-reprenez-le-controle-des-objets-connectes-)* - 2022-05: [When eBPF meets TLS! 🖥️](Confs/CanSecWest-2022/When%20eBPF%20meets%20TLS.pdf) 于 *[CanSecWest 2022](https://cansecwest2022.sched.com/event/ztH2/when-ebpf-meets-tls)* - 2022-05: [kdigger - A Context Discovery Tool for Kubernetes Penetration Testing 🖥️](Confs/BlackHat-Asia-22/blackhat-asia-arsenal-kdigger.pdf) 于 *[Black Hat Asia 2022](https://www.blackhat.com/asia-22/arsenal/schedule/#kdigger-a-context-discovery-tool-for-kubernetes-penetration-testing-26238)* - 2022-04: [Can you park a car in a classroom? 📽️](https://www.youtube.com/watch?v=aMAFlvfQ4Gs) 于 *[Hardwear.io webinar](https://hardwear.io/webinar/can-you-park-car-in-classroom.php)* - 2022-04: [Building a Commit-level Dataset of Real-World Vulnerabilities 🖥️](Confs/CODASPY-22/2022-codaspy-achallade-BuildingACommitLevelDataset.pdf)[📜](Confs/CODASPY-22/2022-codaspy-achallade-BuildingACommitLevelDataset_paper.pdf)[📽️](https://www.youtube.com/watch?v=b_T4kCJ-P3o) 于 *[CODASPY 2022](https://www.codaspy.org/2022/program.html)* ### 2021 - 2021-11:Wookey: Episode VII - The Force Awakens 🖥️](Confs/GreHack2021/GH2021%20Wookey:%20Episode%20VII%20-%20The%20Force%20Awakens%20-%20Teuwen.pdf)[📽️](https://www.youtube.com/watch?v=aAuiJZatYR8) 于 *[GreHack 2021](https://grehack.fr/2021/program)* - 2021-11: [Windows kernel snapshot-based fuzzing: the good, the bad and the ugly 📽️](https://www.youtube.com/watch?v=q9di2qIHlUg) 于 *[GreHack 2021](https://grehack.fr/2021/program)* - 2021-11: [Reversing And Fuzzing The Google Titan M Chip 🖥️](Confs/ROOTS2021/DamianoMelotti_ReversingAndFuzzingTheGoogleTitanMChip_slides.pdf)[📜](Confs/ROOTS2021/DamianoMelotti_ReversingAndFuzzingTheGoogleTitanMChip_paper.pdf) 于 *[ROOTS 2021](https://www.roots-conference.org/2021accepted.html)* - 2021-11: [From source code to crash test-cases through software testing automation 🖥️](Confs/C%26ESAR-2021/CESAR-2021_slides_2-2.pdf)[📜](Confs/C%26ESAR-2021/paper-02.pdf) 于 *[C&ESAR 2021](https://conf.researchr.org/program/cesar-2021/program-cesar-2021/)* - 2021-11: [2021: A Titan M Odyssey 🖥️](Confs/BlackHat-Europe-21/EU-21-Rossi_Bellom-2021_A_Titan_M_Odyssey.pdf)[📜](Confs/BlackHat-Europe-21/EU-21-Rossi_Bellom-2021_A_Titan_M_Odyssey-wp.pdf)[📽️](https://www.youtube.com/watch?v=UNPblJup5ko) 于 *[Black Hat Europe 2021](https://www.blackhat.com/eu-21/briefings/schedule/index.html#-a-titan-m-odyssey-24471)* - 2021-10: [EEPROM - It will all End in Tears (EN) 🖥️](Confs/Hardweario-NL-2021/teuwen_herrmann_eeprom_tears_hwio_nl_2021_slides.pdf)[📽️](https://www.youtube.com/watch?v=zZp5h0Tdkhk) 于 *[Hardwear.io NL 2021](https://hardwear.io/netherlands-2021/speakers/philippe-and-christian.php)* - 2021-08: [SSE and SSD : Page-Efficient Searchable Symmetric Encryption 📜](Confs/CRYPTO2021/978-3-030-84252-9_6.pdf)[📽️](https://youtube.com/watch?v=ktl9kUyJa6E) 于 *[CRYPTO 2021](https://crypto.iacr.org/2021/program.php)* - 2021-08: [Greybox Program Synthesis: A New Approach to Attack Dataflow Obfuscation 🖥️](Confs/BlackHat-USA-21/US-21-David-Greybox-Program-Synthesis.pdf)[📜](Confs/BlackHat-USA-21/US-21-David-Greybox-Program-Synthesis-wp.pdf)[📽️](https://www.youtube.com/watch?v=eJo74i7nxtk) 于 *[Black Hat USA 2021](https://www.blackhat.com/us-21/briefings/schedule/)* - 2021-07: [Meet Piotr, a firmware emulation tool for trainers and researchers 🖥️](Confs/PTS21/PTS2021-Talk-16-piotr.pdf)[📽️](https://archives.pass-the-salt.org/Pass%20the%20SALT/2021/videos/PTS2021-Talk-16-piotr.mp4) 于 *[Pass the SALT 2021](https://cfp.pass-the-salt.org/pts2021/schedule/#)* - 2021-06: [Unlinkable and Invisible γ-Sanitizable Signatures 📜](Confs/ACNS2021/978-3-030-78372-3_10.pdf) 于 *[Applied Cryptography and Network Security ACNS 2021](http://sulab-sever.u-aizu.ac.jp/ACNS2021/program.html)* - 2021-06: [Exploitation du graphe de dépendance d'AOSP à des fins de sécurité 🖥️](Confs/SSTIC21/SSTIC2021-Slides-bgraph-challande_renault_david.pdf)[📜](Confs/SSTIC21/SSTIC2021-Article-bgraph-challande_renault_david.pdf)[📽️](https://static.sstic.org/videos2021/1080p/bgraph.mp4) 于 *[SSTIC 2021](https://www.sstic.org/2021/programme/)* - 2021-06: [EEPROM - It Will All End in Tears 🖥️](Confs/SSTIC21/SSTIC2021-Slides-eeprom_it_will_all_end_in_tears-herrmann_teuwen.pdf)[📜](Confs/SSTIC21/SSTIC2021-Article-eeprom_it_will_all_end_in_tears-herrmann_teuwen.pdf)[📽️](https://static.sstic.org/videos2021/1080p/vostfr-eeprom_it_will_all_end_in_tears.mp4) 于 *[SSTIC 2021](https://www.sstic.org/2021/programme/)* - 2021-06: [QBDL - QuarkslaB Dynamic Loader 🖥️](Confs/SSTIC21/SSTIC-21-QBDL-aguinet-rthomas.pdf)[📽️](https://static.sstic.org/videos2021/1080p/qbdl_quarkslab_dynamic_loader.mp4) 于 *[SSTIC 2021](https://www.sstic.org/2021/programme/)* ### 2020 - 2020-11: [Towards an assymetric white-box proposal 📜](Confs/JCC2020/2020_893.pdf) 于 *[Journées Codage & Cryptographie 2020](https://jc2-2020.inria.fr/programme/)* - 2020-11: [Participation au panel “RFID Hacking” 📽️](https://www.youtube.com/watch?v=OtbLdU0d3gM) 于 *[PACSEC 2020](https://web.archive.org/web/20201105070401/https://www.secwest.net/pacsec/rfid-security)* - 2020-10: [Dynamic Binary Instrumentation Techniques to Address Native Code Obfuscation 🖥️](Confs/BlackHat-Asia-20/asia-20-Thomas-Dynamic-Binary-Instrumentation-Techniques-to-Address-Native-Code-Obfuscation.pdf)[📜](Confs/BlackHat-Asia-20/asia-20-Thomas-Dynamic-Binary-Instrumentation-Techniques-to-Address-Native-Code-Obfuscation-wp.pdf)[📽️](https://www.youtube.com/watch?v=MRku-2fW42w) 于 *[Black Hat Asia 2020](https://www.blackhat.com/asia-20/briefings/schedule/index.html)* - 2020-09: [Anomalie de sécurité sur une JCard EAL6+ en marge d'1 CSPN inter-CESTI 📽️](https://www.youtube.com/watch?v=zo3WB7qRhGs) 于 *[webinaire de l'OSSIR](https://www.ossir.org/)* - 2020-08: [Collision-Based Attacks Against Whiteboxes with QBDI 🖥️](Confs/Barbhack20/20-Barbhack-Collision-Based-Attacks-Against-Whiteboxes-with-QBDI.pdf) 于 *[Barbhack 2020](https://www.barbhack.fr/2020/fr/conferences.html)* - 2020-07: [Building Whiteboxes: attacks and defenses 🖥️](Confs/Hardweario-2020/building_whiteboxes_hardwear_io_07_2020.pdf)[📽️](https://www.youtube.com/watch?v=WIHEUz89HEo) 于 *[Hardwear.io webinar](https://hardwear.io/webinar/building-whiteboxes-attacks-and-defenses.php)* - 2020-06: [Why are Frida and QBDI a Great Blend on Android? 🖥️](Confs/PTS20/PTS2020-Talk-05-Frida_QBDI.pdf)[📽️](https://archives.pass-the-salt.org/Pass%20the%20SALT/2020/videos/PTS2020-Talk-05-Frida_QBDI.mp4) 于 *[Pass the SALT 2020](https://2020.pass-the-salt.org/schedule/)* - 2020-06: [Reverse engineering raw firmware: a tool to get you started 📽️](https://www.youtube.com/watch?v=fkPSlBxh7Nw) 于 *[Hardwear.io webinar](https://hardwear.io/webinar/Reverse-engineering.php)* - 2020-06: [Inter-CESTI: Methodological and Technical Feedbacks on Hardware Devices Evaluations 🖥️](Confs/SSTIC20/SSTIC2020-Slides-inter-cesti_methodological_and_technical_feedbacks_on_hardware_devices_evaluations-benadjila.pdf)[📜](Confs/SSTIC20/SSTIC2020-Article-inter-cesti_methodological_and_technical_feedbacks_on_hardware_devices_evaluations-benadjila.pdf)[📽️](https://static.sstic.org/videos2020/1080p/Inter-CESTI_Methodological_and_Technical_Feedbacks_on_Hardware_Devices_Evaluations.mp4) 于 *[SSTIC 2020](https://www.sstic.org/2020/programme/)* - 2020-06: [Fuzz and Profit with WHVP 🖥️](Confs/SSTIC20/AumaitreDamien_FuzzAndProfitWithWHVP_slides.pdf)[📜](Confs/SSTIC20/AumaitreDamien_FuzzAndProfitWithWHVP.pdf)[📽️](https://static.sstic.org/videos2020/1080p/FuzzAndProfitWithWHVP.mp4) 于 *[SSTIC 2020](https://www.sstic.org/2020/programme/)* - 2020-02: [QSynth - A Program Synthesis approach for Binary Code Deobfuscation 🖥️](Confs/BAR20/bar_slides.pdf)[📜](Confs/BAR20/bar2020-preprint9.pdf) 于 *[Binary Analysis Research (BAR) Workshop 2020](https://www.ndss-symposium.org/ndss-program/bar-workshop-2020/)* - 2020-02: [Self-hosted server backups for the paranoid 📽️](https://video.fosdem.org/2020/UD2.119/borg.mp4) 于 *[FOSDEM 2020](https://archive.fosdem.org/2020/schedule/event/borg/)* ### 2019 - 2019-11: [Cryptographie et attaques matérielles : Application à la cryptographie en boîte blanche 🖥️](Confs/GeeksAnonymes2019/2019_ULiege_Cryptographie_et_attaques_matérielles.pdf) 于 *[GeeksAnonymes, ULiège](https://www.news.uliege.be/cms/c_11323028/fr/cryptographie-et-attaques-materielles)* - 2019-11: [Epona and the Obfuscation Paradox: Transparent for Users and Developers, a Pain for Reverser 🖥️](Confs/SPRO2019/4-Epona-spro-slides-updated.pdf)[📜](https://dl.acm.org/doi/10.1145/3338503.3357722) 于 *[SPRO 2019](https://spro.aspire-fp7.eu/cfp/)* - 2019-09: [When C++ Zero-Cost Abstraction Fails: how-to Fix Your Compiler 📽️](https://www.youtube.com/watch?v=EPI7dW5CUfc) 于 *[CppCon 2019](https://cppcon2019.sched.com/event/Sfne/when-c-zero-cost-abstraction-fails-how-to-fix-your-compiler)* - 2019-08: [Breaking Samsung's ARM TrustZone 🖥️](Confs/BlackHat-USA-19/us-19-Peterlin-Breaking-Samsungs-ARM-TrustZone.pdf)[📽️](https://www.youtube.com/watch?v=uXH5LJGRwXI) 于 *[Black Hat USA 2019](https://www.blackhat.com/us-19/briefings/schedule/index.html#breaking-samsungs-arm-trustzone-14932)* - 2019-06: [IDArling, la première plateforme de rencontre entre reversers 🖥️](Confs/SSTIC19/SSTIC2019-Slides-idarling_la_premiere_plateforme_de_rencontre_entre_reversers-adamski_guilbon.pdf)[📽️](https://static.sstic.org/videos2019/1080p/SSTIC_2019-06-05_P09.mp4) 于 *[SSTIC 2019](https://www.sstic.org/2019/programme/)* - 2019-05: [Grey-box attacks, four years later 🖥️](Confs/WhibOx2019/WhibOx2019_greybox_attacks_4years_later_pteuwen.pdf) 于 *[WhibOx 2019](https://www.cryptoexperts.com/whibox2019/)* - 2019-05: [DKOM 3.0: Hiding and Hooking with Windows Extension Hosts 🖥️](Confs/Infiltrate19/infiltrate2019.pdf)[📽️](https://vimeo.com/335166152) 于 *[Infiltrate 2019](https://web.archive.org/web/20190310011152/http://infiltratecon.com/schedule/)* - 2019-04: [Fuzzing binaries using Dynamic Instrumentation 🖥️](Confs/5th-France-Japan-CyberWorkshop/19-Kyoto-Fuzzing_Binaries_using_Dynamic_Instrumentation%20-%20HERNAULT%20Paul.pdf) 于 *[French-Japan cybersecurity workshop 2019](https://project.inria.fr/FranceJapanICST/wokshops/5th-france-japan-cybersecurity-workshop/)* - 2019-04: [Table-based whitebox techniques applied to lattice based cryptography: towards an asymmetric whitebox proposal? 🖥️](Confs/WRACH2019/2020-893.pdf) 于 *[WRACH 2019](https://wrach2019.lip6.fr/program.html)* - 2019-03: [Old New Things: An examination of the Philips TriMedia architecture 🖥️](Confs/Troopers19/trimedia-research-nriva.pdf)[📽️](https://www.youtube.com/watch?v=FPoSzLHa7dY) 于 *[Troopers 2019](https://www.troopers.de/troopers19/agenda/83cfsn/)* - 2019-01: [Contrôle de passes à grain fin pour l'obfuscation de code 🖥️](Confs/RencontreCommFrCompil2019/Obfuscation-quarkslab.pdf) 于 *[Journées de la Compilation 2019](https://compil2019.minesparis.psl.eu/)* ### 2018 - 2018-11: [ROPGenerator: practical automated ROP-Chain generation 📽️](https://www.youtube.com/watch?v=rz7Z9fBLVs0) 于 *[GreHack 2018](https://grehack.fr/2018/program)* - 2018-11: [Vulnerability Research - What It Takes to Keep Going and Going and Going 🖥️](Confs/HITB18/D1T2%20-%20Vulnerability%20Research%20-%20What%20It%20Takes%20to%20Keep%20Going%20and%20Going%20and%20Going%20-%20Cedric%20Tessier%20Fred%20Raynal.pdf) 于 *[HITB 2018 Beijing](https://archive.conference.hitb.org/hitbsecconf2018pek/sessions/vulnerability-research-what-it-takes-to-keep-going-and-going-and-going/)* - 2018-09: [AFL, QBDI And KSE Are on a Boat 📽️](https://www.youtube.com/watch?v=DjBVTRUPrJY) 于 *[Ekoparty 2018](https://web.archive.org/web/20180920114610/https://ekoparty.org/cronograma.php)* - 2018-09: [Old New Things: An Examinsation of the Philips TriMedia Architecture 📽️](https://www.youtube.com/watch?v=Ds1KtUBloEA) 于 *[Ekoparty 2018](https://web.archive.org/web/20180920114610/https://ekoparty.org/cronograma.php)* - 2018-09: [C++ In the Elvenland 📽️](https://www.youtube.com/watch?v=CVg7CYVV3KI) 于 *[CppCon 2018](https://cppcon2018.sched.com/)* - 2018-09: [Easy::Jit : A Just-in-Time compilation library for C++ 🖥️](Confs/CPPCON18/cppcon18_easy_jit.pdf)[📽️](https://www.youtube.com/watch?v=_WPdof1dTqo) 于 *[CppCon 2018](https://cppcon2018.sched.com/)* - 2018-09: [Frozen Data Structures in C++14 📽️](https://www.youtube.com/watch?v=vA5sdxbwUG8) 于 *[CppCon 2018](https://cppcon2018.sched.com/)* - 2018-09: [Combining obfuscation and optimizations in the real world 📜](Confs/SCAM2018/scam_2018.pdf) 于 *[SCAM 2018](https://www.ieee-scam.org/2018/)* - 2018-08: [The Windows Notification Facility: Peeling the Onion of the Most Undocumented Kernel Attack Surface Yet 📽️](https://www.youtube.com/watch?v=MybmgE95weo) 于 *[Black Hat USA 2018](https://www.blackhat.com/us-18/briefings/schedule/index.html)* - 2018-07: [Quadratic Time Algorithm for Inversion of Binary Permutation Polynomials 📜](Confs/ICMS2018/inversion-z2n-lcns.pdf) 于 *[ICMS 2018](https://icms-conference.org/2018/sessions/session6/)* - 2018-07: [Static instrumentation based on executable file formats 🖥️](Confs/PTS18/PTS18-static-instrumentation-rthomas.pdf)[📽️](https://archives.pass-the-salt.org/Pass%20the%20SALT/2018/videos/PTS2018-03-static-instrumentation-based-on-executable-file-formats_2160p.mp4) 于 *[Pass the SALT 2018](https://2018.pass-the-salt.org/schedule/)* - 2018-06: [Symbolic Deobfuscation: From Virtualized Code Back to the Original 🖥️](Confs/DIMVA18/DIMVA2018-slide-deobfuscation-salwan-bardin-potet.pdf)[📜](Confs/DIMVA18/DIMVA2018-deobfuscation-salwan-bardin-potet.pdf) 于 *[15th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, DIMVA 2018](https://web.archive.org/web/20220926070342/http://www.dimva2018.org/program/)* - 2018-06: [Static instrumentation based on executable file formats 🖥️](Confs/Recon18/Recon18-Static-Instrumentation-rthomas.pdf)[📽️](https://www.youtube.com/watch?v=gPwb6HDw6f0) 于 *[Recon 2018](https://recon.cx/2018/montreal/schedule/events/131.html)* - 2018-06: [Attacking Serial Flash Chip: Case Study of a Black Box 📜](Confs/SSTIC18/SSTIC2018-Article-attacking_serial_flash_chip_case_study_of_a_black_box_device-benoit_heilles_teuwen.pdf)[📽️](https://static.sstic.org/videos2018/SSTIC_2018-06-13_P11.mp4) 于 *[SSTIC 2018](https://www.sstic.org/2018/programme/)* - 2018-04: [Implementing an LLVM based Dynamic Binary Instrumentation framework 📽️](https://www.youtube.com/watch?v=_CjpRKKyQN8) 于 *[Euro LLVM dev meeting](https://llvm.org/devmtg/2018-04/)* - 2018-04: [Easy::Jit : Compiler-assisted library to enable Just-In-Time compilation for C++ codes 🖥️](Confs/EuroLLVM2018/Caamano-Easy_Jit.pdf)[📽️](https://www.youtube.com/watch?v=sFxqI6Z_bhE) 于 *[Euro LLVM dev meeting](https://llvm.org/devmtg/2018-04/)* - 2018-04: [DragonFFI: Foreign Function Interface and JIT using Clang/LLVM 🖥️](Confs/EuroLLVM2018/Guinet-DragonFFI.pdf)[📽️](https://www.youtube.com/watch?v=FaMhK9vHPvc) 于 *[Euro LLVM dev meeting](https://llvm.org/devmtg/2018-04/)* - 2018-04: [Automat vulnerability research to better face new software security challenges 🖥️](Confs/Cisco18/18-cisco-auto-vuln-research.pdf) 于 *[Cisco Innovation & Research Symposium 2018](https://www.cisco.com/c/m/fr_fr/training-events/events/2018/innovation-and-research-symposium/index.html)* - 2018-02: [Surviving in an Open Source Niche: the Pythran case 📽️](https://www.youtube.com/watch?v=MVveijGchTU) 于 *[FOSDEM 2018](https://archive.fosdem.org/2018/schedule/event/pythran/)* - 2018-02: [Literate Programming meets LLVM Passes 📽️](https://www.youtube.com/watch?v=N1md7_atQ9M) 于 *[FOSDEM 2018](https://archive.fosdem.org/2018/schedule/event/literate/)* - 2018-02: [Easy::jit : just-in-time compilation for C++ 🖥️](Confs/FOSDEM2018/easy_jit_fosdem.pdf)[📽️](https://www.youtube.com/watch?v=5_rydTiB32I) 于 *[FOSDEM 2018](https://archive.fosdem.org/2018/schedule/event/easyjit/)* - 2018-02: [DragonFFI Foreign Function Interface and JIT using Clang/LLVM 🖥️](Confs/FOSDEM2018/18_02_04_fosdem.tar.bz2)[📽️](https://www.youtube.com/watch?v=qZtS4EcUMtc) 于 *[FOSDEM 2018](https://archive.fosdem.org/2018/schedule/event/dragonffi/)* ### 2017 - 2017-12: [Implementing an LLVM based Dynamic Binary Instrumentation framework 🖥️](Confs/34C3-2018/QBDI_34c3-chubain-ctessier.pdf)[📽️](https://www.youtube.com/watch?v=Zt74lOuU6zc) 于 *[34th Chaos Communication Congress](https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/9006.html)* - 2017-12: [How to drift with any car 📽️](https://www.youtube.com/watch?v=KU7gl1n1tIs) 于 *[34th Chaos Communication Congress](https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8758.html)* - 2017-11: [Flash dumping & hardware 101 🖥️](Confs/BlackHoodie-2017/flash_dumping_-_kylma.pdf) 于 *[BlackHoodie 2017 #3](https://blackhoodie.re/archives/bh2017/)* - 2017-11: [Kernel Shim Engine for fun 🖥️](Confs/BlackHoodie-2017/Kernel_Shim_Engine_for_fun_-_pwissenlit.pdf) 于 *[BlackHoodie 2017 #3](https://blackhoodie.re/archives/bh2017/)* - 2017-10: [Challenges building an LLVM-based obfuscator 🖥️](Confs/LLVM-2017/Guelton-Challenges_when_building_an_LLVM_bitcode_Obfuscator.pdf)[📽️](https://www.youtube.com/watch?v=d72Snpxx4Co) 于 *[2017 LLVM Developers' Meeting](https://llvm.org/devmtg/2017-10/)* - 2017-09: [L'interpréteur Python, quel sale type 🖥️](Confs/PyConFR-2017/PyConFR2017.pdf)[📽️](https://www.youtube.com/watch?v=CGm8_OKG9Vo) 于 *[PyConFR 2017](https://www.pycon.fr/2017/)* - 2017-07: [LIEF: Library to Instrument Executable Formats 🖥️](Confs/RMLL17/17-RMLL-LIEF-rthomas.pdf)[📽️](https://archives.pass-the-salt.org/RMLL%20Security%20Tracks/2017/videos/RMLL-Sec-2017-lief_63569_720p.mp4) 于 *RMLL 2017* - 2017-06: [Playing with Binary Analysis: Deobfuscation of VM based software protection / Désobfuscation binaire : Reconstruction de fonctions virtualisées 🖥️](Confs/SSTIC17/SSTIC2017_Deobfuscation_of_VM_based_software_protection.pdf)[📜](Confs/SSTIC17/SSTIC2017_Deobfuscation_of_VM_based_software_protection.pdf)[📽️](https://static.sstic.org/videos2017/SSTIC_2017-06-07_P08.mp4) 于 *[SSTIC 2017](https://www.sstic.org/2017/programme/)* - 2017-04: [LIEF: Library to Instrument Executable Formats 🖥️](Confs/FranceJapanICST2017/RThomas_presentation_2017.pdf) 于 *[Third French Japanese Meeting on Cybersecurity](https://project.inria.fr/FranceJapanICST/wokshops/2017-program/presentations/)* - 2017-04: [Ma vie, mon œuvre, et le cyber 🖥️](Confs/SeminaireIE2017/raynal_17_04_ege_fr.pdf) 于 *[92ème séminaire d’intelligence économique](https://www.ege.fr/actualites/seminaire-ie-retour-d-experience-sur-les-questions-de-cyber-securite-de-deux-praticiens-du-conseil.html)* - 2017-03: [Playing with Binary Analysis: Deobfuscation of VM based software protection 📽️](https://www.youtube.com/watch?v=wr2BtVO9rKk) 于 *[THCon 2017](https://17.toulousehackingconvention.fr/)* ### 2016 - 2016-12: [Practical Attacks Against White-Box Crypto Implementations 🖥️](Confs/SCR1-2016/2016_Rennes1_Practical_Attacks_Against_White-Box_Crypto_Implementations.pdf) 于 *[Séminaire de Cryptographie, Université de Rennes 1](https://webmath.univ-rennes1.fr/crypto/2017/PhilippeTeuwen_fr.html)* - 2016-11: [Arybo : Manipulation, Canonicalization and Identification of Mixed Boolean-Arithmetic Symbolic Expressions 📜](Confs/GreHack2016/hal-01390528.pdf)[📽️](https://www.youtube.com/watch?v=m-NCKJg8B_M) 于 *[GreHack 2016](https://grehack.fr/2016/program)* - 2016-11: [How Triton can help to reverse virtual machine based software protections 🖥️](Confs/CSAW16/csaw2016-sos-jsalwan-rthomas.pdf)[📽️](https://www.youtube.com/watch?v=Fk7bF94sy9U) 于 *[CSAW 2016](https://engineering.nyu.edu/events/2016/11/10/csaw-16)* - 2016-11: [Ghost in the PLC: Designing an Undetectable Programmable Logic Controller Rootkit via Pin Control Attack 🖥️](Confs/BlackHat-Europe-16/eu-16-Abbasi-Ghost-In-The-PLC_compressed.pdf)[📜](Confs/BlackHat-Europe-16/eu-16-Abbasi-Ghost-In-The-PLC-paper.pdf)[📽️](https://www.youtube.com/watch?v=Z447UFZuLII) 于 *[Black Hat Europe 2016](https://www.blackhat.com/eu-16/briefings.html#ghost-in-the-plc-designing-an-undetectable-programmable-logic-controller-rootkit)* - 2016-10: [Defeating MBA-based Obfuscation 🖥️](Confs/SPRO2016/Defeating_MBA-based_Obfuscation.pdf)[📜](Confs/SPRO2016/2995306.2995308.pdf) 于 *[SPRO 2016](https://web.archive.org/web/20170626080416/https://aspire-fp7.eu/spro/workshop-programme/)* - 2016-10: [Binary Permutation Polynomial Inversion and Application to Obfuscation Techniques 📜](Confs/SPRO2016/2995306.2995310.pdf) 于 *[SPRO 2016](https://web.archive.org/web/20170626080416/https://aspire-fp7.eu/spro/workshop-programme/)* - 2016-10: [GAST, Daou Naer - AST pour Python 2 et 3 📽️](https://www.pycon.fr/2016/videos/gast-daou-naer-ast-pour-python-2-et-3.html) 于 *[PyConFR 2016](https://www.pycon.fr/2016/pages/programme.html)* - 2016-09: [C++ Costless Abstractions: the compiler view 🖥️](Confs/CppCon2016/C%2B%2B%20Costless%20Abstractions%20-%20the%20Compiler%20View%20-%20Serge%20Guelton%20-%20CppCon%202016.pdf)[📽️](https://www.youtube.com/watch?v=q0N9Tvf7Bz0) 于 *[CppCon 2016](https://cppcon2016.sched.com/)* - 2016-08: [Differential computation analysis: Hiding your white-box designs is not enough 🖥️](Confs/CHES2016/CHES2016_Session5_1.pdf)[📜](Confs/CHES2016/978-3-662-53140-2_11.pdf)[📽️](https://www.youtube.com/watch?v=Zuhapyo7qFQ) 于 *[CHES 2016](https://iacr.org/workshops/ches/ches2016/start.php)* - 2016-07: [Practical Attacks Against White-Box Crypto Implementations 🖥️](Confs/EcryptNet2016/2016_EcryptNet_Practical_Attacks_Against_White-Box_Crypto_Implementations.pdf) 工作坊于 *[ECRYPT-NET Workshop on Cryptography Design for the IoT](https://www.cosic.esat.kuleuven.be/ecrypt_net_iot_workshop_2016/program.shtml)* - 2016-07: [Binmap: scanning file systems with Binmap 🖥️](https://archives.pass-the-salt.org/RMLL%20Security%20Tracks/2016/slides/RMLL-Sec-2016-07-04-05-Guelton-Binmap.html)[📽️](https://archives.pass-the-salt.org/RMLL%20Security%20Tracks/2016/videos/RMLL-Sec-2016-scanning-file-systems-with-binmap__high.mp4) 于 *[RMLL Security track 2016](https://web.archive.org/web/20170622110659/https://sec2016.rmll.info/programme/)* - 2016-06: [Design de cryptographie white-box : et a la fin, c'est Kerckhoffs qui gagne 🖥️](Confs/SSTIC16/SSTIC2016-Slides-design_de_cryptographie_white-box_et_a_la_fin_c_est_kerckhoffs_qui_gagne-hubain_teuwen_1.pdf)[📜](Confs/SSTIC16/SSTIC2016-Article-design_de_cryptographie_white-box_et_a_la_fin_c_est_kerckhoffs_qui_gagne-hubain_teuwen_1.pdf)[📽️](http://static.sstic.org/videos2016/SSTIC_2016-06-03_P05.mp4) 于 *[SSTIC 2016](https://www.sstic.org/2016/programme/)* - 2016-04: [Dynamic Binary Analysis and Obfuscated Codes 🖥️](Confs/StHack16/sthack2016-jsalwan-rthomas.pdf) 于 *StHack 2016* - 2016-03: [Building, Testing and Debugging a Simple out-of-tree LLVM Pass 🖥️](Confs/EuroLLVM2016/Tutorial.pdf)[📽️](https://www.youtube.com/watch?v=Z5KcwVaak3s) 于 *[Euro LLVM 2016](http://llvm.org/devmtg/2016-03/)* - 2016-03: [Hiding your White-Box Designs is Not Enough 🖥️](Confs/Troopers16/troopers16_teuwen_hiding_your_wb_designs.pdf)[📽️](https://www.youtube.com/watch?v=ws77zK4p9qs) 于 *[Troopers 2016](https://troopers.de/events/troopers16/531_hiding_your_white-box_designs_is_not_enough/)* ### 2015 - 2015-10: [Building, Testing and Debugging a Simple out-of-tree LLVM Pass 🖥️](Confs/LLVM-2015/GueltonGuinet-BuildingTestingDebuggingASimpleOutOfTreePass.pdf)[📽️](https://www.youtube.com/watch?v=BnlG-owSVTk) 于 *[LLVM dev meeting](https://llvm.org/devmtg/2015-10/)* - 2015-09: [Some technical & scientific challenges I'd like to have working solutions for 🖥️](Confs/SAS15/15-09-sas.pdf) 于 *[SAS 2015](http://sas2015.inria.fr/)* - 2015-06: [IRMA : Incident Response and Malware Analysis 🖥️](Confs/SSTIC15/SSTIC2015-Slides-irma_incident_response_and_malware_analysis.pdf)[📜](Confs/SSTIC15/SSTIC2015-Article-irma_incident_response_and_malware_analysis.pdf)[📽️](https://static.sstic.org/videos2015/SSTIC_2015-06-05_P06_IRMA.mp4) 于 *[SSTIC 2015](https://www.sstic.org/2015/programme/)* - 2015-06: [Analyse de sécurité de technologies propriétaires SCADA 🖥️](Confs/SSTIC15/SSTIC2015-Slides-analyse_de_scurite_de_technologies_propritaires_scada.pdf)[📜](Confs/SSTIC15/SSTIC2015-Article-analyse_de_scurite_de_technologies_propritaires_scada.pdf)[📽️](https://static.sstic.org/videos2015/SSTIC_2015-06-04_P05_SCADA.mp4) 于 *[SSTIC 2015](https://www.sstic.org/2015/programme/)* - 2015-06: [Quatre millions d'échanges de clés par seconde 🖥️](Confs/SSTIC15/SSTIC2015-Slides-4M_kx_per_sec-guinet_aguilar_guelton_lepoint.pdf)[📜](Confs/SSTIC15/SSTIC2015-Article-4M_kx_per_sec-guinet_aguilar_guelton_lepoint.pdf)[📽️](https://static.sstic.org/videos2015/SSTIC_2015-06-04_P03_4M_echanges_cles.mp4) 于 *[SSTIC 2015](https://www.sstic.org/2015/programme/)* - 2015-06: [Triton: Concolic Execution Framework 🖥️](Confs/SSTIC15/SSTIC2015_English_slide_detailed_version_Triton_Concolic_Execution_FrameWork_FSaudel_JSalwan.pdf)[📜](Confs/SSTIC15/SSTIC2015_French_Paper_Triton_Framework_dexecution_Concolique_FSaudel_JSalwan.pdf)[📽️](https://static.sstic.org/videos2015/SSTIC_2015-06-03_P03_Triton.mp4) 于 *[SSTIC 2015](https://www.sstic.org/2015/programme/)* - 2015-05: [Supervising the Supervisor: Reversing Proprietary SCADA Tech. 📜](Confs/HITB15/WHITEPAPER-Reversing-Proprietary-SCADA-Tech.pdf) 于 *[HITB 2015 Amsterdam](https://archive.conference.hitb.org/hitbsecconf2015ams/)* - 2015-03: [Dynamic Binary Analysis and Instrumentation Covering a function using a DSE approach 🖥️](Confs/StHack15/StHack2015_Dynamic_Behavior_Analysis_using_Binary_Instrumentation_Jonathan_Salwan.pdf) 于 *[StHack 2015](https://web.archive.org/web/20150206054026/https://www.sthack.fr/)* - 2015-01: [Dynamic Binary Analysis and Instrumentation Covering a function using a DSE approach 🖥️](Confs/SecurityDay15/SecurityDay2015_dynamic_symbolic_execution_Jonathan_Salwan.pdf)[📽️](https://webtv.univ-lille.fr/files/videos/2015/01/19/14216220009de34-480.mp4) 于 *[Security Day 2015](https://webtv.univ-lille.fr/video/7560/program-analysis-dynamic-binary-analysis-and-instrumentation)* - 2015-01: [Keynote 📽️](https://webtv.univ-lille.fr/files/videos/2015/01/21/1421794800da971-480.mp4) 于 *[Security Day 2015](https://webtv.univ-lille.fr/video/7564/keynote-securityday)* ### 2014 - 2014-10: [USB Fuzzing : approaches and tools 🖥️](Confs/HackLu14/slides_USB_fuzzing.pdf) 于 *[Hack.lu 2014](https://web.archive.org/web/20141018085859/http://2014.hack.lu/index.php/Main_Page)* - 2014-07: [Software obfuscation: know your enemy 🖥️](Confs/RMLL16/RMLL-Sec-2014-Software_obfuscation_know_your_enemy.pdf)[📽️](https://archives.pass-the-salt.org/RMLL%20Security%20Tracks/2014/videos/RMLL-Sec-2014-obfuscation-logicielle-connaissez-votre-ennemi_high.mp4) 于 *[RMLL 2014](https://web.archive.org/web/20160326122527/https://2014.rmll.info/theme26?lang=fr)* - 2014-06: [Désobfuscation de DRM par attaques auxiliaires 🖥️](Confs/SSTIC14/SSTIC2014-Slides-dsobfuscation_de_drm_par_attaques_auxiliaires.pdf)[📜](Confs/SSTIC14/SSTIC2014-Article-dsobfuscation_de_drm_par_attaques_auxiliaires.pdf) 于 *[SSTIC 2014](https://www.sstic.org/2014/programme/)* - 2014-06: [Obfuscation de code Python : amélioration des techniques existantes 🖥️](Confs/SSTIC14/SSTIC2014-Slides-obfuscation_de_code_python.pdf)[📜](Confs/SSTIC14/SSTIC2014-Article-obfuscation_de_code_python.pdf) 于 *[SSTIC 2014](https://www.sstic.org/2014/programme/)* - 2014-06: [Reconnaissance réseau à grande échelle : port scan is not dead 📜](Confs/SSTIC14/SSTIC2014-Article-port_scan_is_not_dead.pdf) 于 *[SSTIC 2014](https://www.sstic.org/2014/programme/)* - 2014-06: [Recherche de vulnérabilités dans les piles USB : approches et outils 🖥️](Confs/SSTIC14/SSTIC2014-Slides-recherche_de_vulnrabilits_dans_les_piles_usb.pdf)[📜](Confs/SSTIC14/SSTIC2014-Article-recherche_de_vulnrabilits_dans_les_piles_usb.pdf)[📽️](https://static.sstic.org/videos2014/SSTIC_2014-06-05_P02_Recherche_de_vulnerabilites_dans_les_piles_USB_approches_et_outils.mp4) 于 *[SSTIC 2014](https://www.sstic.org/2014/programme/)* - 2014-05: [Port scan is not for pussies, Know yourself, know your enemy 🖥️](Confs/HITB14/D2T1-Why-Port-Scans-are-for-Pussies.pdf) 于 *[HITB 2014 Amsterdam](http://conference.hitb.org/hitbsecconf2014ams/)* ### 2013 - 2013-10: [How Apple Can Read Your iMessages and How You Can Prevent It 🖥️](Confs/HITB13/howapplecanreadyourimessages.pdf)[📽️](https://www.youtube.com/watch?v=EbqZnTKDVU0) 于 *[HITB 2013 Kuala Lumpur](https://archive.conference.hitb.org/hitbsecconf2013kul/)* - 2013-06: [Sécurité des applications Android constructeurs et réalisation de backdoors sans permission 🖥️](Confs/SSTIC13/SSTIC2013-Slides-securite_applications_android.pdf)[📜](Confs/SSTIC13/SSTIC2013-Article-securite_applications_android.pdf) 于 *[SSTIC 2013](https://www.sstic.org/2013/programme/)* - 2013-06: [UEFI and Dreamboot 🖥️](Confs/SSTIC13/D2T1-SebastienKaczmarek-Dreamboot_UEFI_Bootkit.pdf)[📜](Confs/SSTIC13/SSTIC2013-Article-dreamboot_et_uefi-kaczmarek.pdf) 于 *[SSTIC 2013](https://www.sstic.org/2013/programme/)* - 2013-04: [Dreamboot - A UEFI Bootkit 📽️](https://www.youtube.com/watch?v=KvTUE5P-Yhs) 于 *[HITB 2013 Amsterdam](https://archive.conference.hitb.org/hitbsecconf2013ams/)* ### 2012 - 2012-10: [Pwn@Home: An Attack Path to jailbreaking your home router 🖥️](Confs/HITB12/12-10-HTIB-router.pdf) 于 *[HITB 2012 Kuala Lumpur](https://archive.conference.hitb.org/hitbsecconf2012kul/)* - 2012-: [WinRT: The Metro-politan Museum of Security 📽️](https://www.youtube.com/watch?v=XAqPdb2-T9w) 于 *[HITB 2012 Amsterdam](https://archive.conference.hitb.org/hitbsecconf2012ams/)* - 2012-06: [WinRT 🖥️](Confs/SSTIC12/SSTIC2012-Slides-WinRT.pdf)[📜](Confs/SSTIC12/SSTIC2012-Article-WinRT.pdf) 于 *[SSTIC 2012](https://www.sstic.org/2012/programme/)* - 2012-06: [10 ans de SSTIC 🖥️](Confs/SSTIC12/SSTIC-10ans-NF-FR-PB-FINAL.pdf) 于 *[SSTIC 2012](https://www.sstic.org/2012/programme/)* ## Quarkslab 期刊、会议论文集及预印本出版物 ### 2025 - 2025-09: [Identifying obfuscated code through graph-based semantic analysis of binary code 📜](Confs/ANS25/ans-25.pdf) - 2025-07: [Experimental Study of Binary Diffing Resilience on Obfuscated Programs 📜](Confs/DIMVA25/dimva-25.pdf) ### 2024 - 2024-12: [Identifying Obfuscated Code through Graph-Based Semantic Analysis of Binary Code 📜](Confs/ComplexNetworks2024/complexnetworks2024_paper.pdf) - 2024-12: [Faster Signatures from MPC-in-the-Head 📜](https://eprint.iacr.org/2024/252.pdf) - 2024-11: [Improving binary diffing through similarity and matching intricacies 📜](Confs/CAID-2024/CAID24_raffinement_diffing_binaire_paper.pdf) - 2024-08: [MIFARE Classic: exposing the static encrypted nonce variant 📜](https://eprint.iacr.org/2024/1275.pdf) - 2024-02: [Short Signatures from Regular Syndrome Decoding, Revisited 📜](https://eprint.iacr.org/2024/252.pdf) ### 2023 - 2023-06: [Rétro-ingénierie et détournement de piles protocolaires embarquées, un cas d'étude sur le système ESP32 📜](Confs/SSTIC23/SSTIC2023-Article-reverse_de_piles_protocolaires_embarquees_esp32-cauquil_cayre_pGk3IkL.pdf) - 2023-06: [Exploring OpenSSL Engines to Smash Cryptography 📜](Confs/SSTIC23/SSTIC2023-Article-exploring_openssl_engines_to_smash_cryptography-goudarzi_valadon.pdf) - 2023-05: [ESPwn32: Hacking with ESP32 System-on-Chips 📜](Confs/WOOT-2023/woot23-paper22.pdf) - 2023-05: [PASTIS - A Collaborative Approach to Combine Heterogeneous Software Testing Techniques 📜](Confs/SBTF-ICSE-2023/SBFT2023-PASTIS-paper-rdavid.pdf) ### 2022 - 2022-06: [TPM is not the holy way 📜](Confs/SSTIC22/SSTIC2022-Article-tpm_is_not_the_holy_way-forgette_7RUa27n.pdf) - 2022-04: [Building a Commit-level Dataset of Real-world Vulnerabilities 📜](https://dl.acm.org/doi/10.1145/3508398.3511495)[(alt📜)](https://hal.archives-ouvertes.fr/hal-03477866) ### 2021 - 2021-11: [From Source Code to Crash Test-Case through Software Testing Automation 📜](Confs/C%26ESAR-2021/paper-02.pdf) - 2021-11: [Reversing and Fuzzing the Google Titan M Chip 📜](Confs/ROOTS2021/DamianoMelotti_ReversingAndFuzzingTheGoogleTitanMChip_paper.pdf) - 2021-08: [SSE and SSD : Page-Efficient Searchable Symmetric Encryption 📜](Confs/CRYPTO2021/978-3-030-84252-9_6.pdf)[(alt📜)](https://eprint.iacr.org/2021/716.pdf) - 2021-06: [Unlinkable and Invisible γ-Sanitizable Signatures 📜](Confs/ACNS2021/978-3-030-78372-3_10.pdf)[(alt📜)](https://eprint.iacr.org/2020/1490.pdf) - 2021-06: [Exploitation du graphe de dépendance d'AOSP à des fins de sécurité 📜](Confs/SSTIC21/SSTIC2021-Article-bgraph-challande_renault_david.pdf) - 2021-06: [EEPROM : It Will All End in Tears 📜](Confs/SSTIC21/SSTIC2021-Article-eeprom_it_will_all_end_in_tears-herrmann_teuwen.pdf) - 2021-11: [2021 : A Titan M Odyssey 📜](Confs/BlackHat-Europe-21/EU-21-Rossi_Bellom-2021_A_Titan_M_Odyssey-wp.pdf) - 2021-08: [Greybox Program Synthesis : A New Approach to Attack Obfuscation 📜](Confs/BlackHat-USA-21/US-21-David-Greybox-Program-Synthesis-wp.pdf) ### 2020 - 2020-07: [Toward an Asymmetric White-Box Proposal 📜](Confs/JCC2020/2020_893.pdf) - 2020-06: [Fuzz and Profit with WHVP 📜](Confs/SSTIC20/SSTIC2020-Article-fuzz_and_profit_with_whvp-aumaitre.pdf) - 2020-06: [Inter-CESTI : Methodological and Technical Feedbacks on Hardware Devices 📜](Confs/SSTIC20/SSTIC2020-Article-inter-cesti_methodological_and_technical_feedbacks_on_hardware_devices_evaluations-benadjila.pdf) - 2020-02: [QSynth - A Program Synthesis based approach for Binary Code Deobfuscation 📜](Confs/BAR20/bar2020-preprint9.pdf) ### 2019 - 2019-11: [Epona and the Obfuscation Paradox : Transparent for Users and Developers, a Pain for Reversers 📜](https://dl.acm.org/doi/10.1145/3338503.3357722) - 2019-10: [White-Box Cryptography : Don't Forget About Grey-Box Attacks 📜](https://link.springer.com/content/pdf/10.1007/s00145-019-09315-1.pdf) ### 2018 - 2018-09: [Combining obfuscation and optimizations in the real world 📜](Confs/SCAM2018/scam_2018.pdf) - 2018-07: [Quadratic Time Algorithm for Inversion of Binary Permutation Polynomials 📜](Confs/ICMS2018/inversion-z2n-lcns.pdf)[(alt📜)](https://hal.science/hal-01981320/document) - 2018-06: [Attacking serial flash chip : case study of a black box device 📜](Confs/SSTIC18/SSTIC2018-Article-attacking_serial_flash_chip_case_study_of_a_black_box_device-benoit_heilles_teuwen.pdf) - 2018-06: [Symbolic Deobfuscation : From Virtualized Code Back to the Original 📜](Confs/DIMVA18/DIMVA2018-deobfuscation-salwan-bardin-potet.pdf)[(alt📜)](https://hal.science/hal-04478814v1/document) - 2018-04: [Easy::Jit : compiler assisted library to enable just-in-time compilation in C++ codes 📜](https://dl.acm.org/doi/abs/10.1145/3191697.3191725) ### 2017 - 2017-06: [Reconstruction de fonctions virtualisées 📜](Confs/SSTIC17/SSTIC2017_Deobfuscation_of_VM_based_software_protection.pdf) ### 2016 - 2016-11: [Arybo : Manipulation, Canonicalization and Identification of Mixed Boolean-Arithmetic Symbolic Expressions 📜](Confs/GreHack2016/hal-01390528.pdf) - 2016-10: [Binary Permutation Polynomial Inversion and Application to Obfuscation Techniques 📜](Confs/SPRO2016/2995306.2995310.pdf)[(alt📜)](https://inria.hal.science/hal-01388108/document) - 2016-10: [Defeating MBA-based Obfuscation 📜](Confs/SPRO2016/2995306.2995308.pdf)[(alt📜)](https://hal.science/hal-01388109v1/document) - 2016-11: [Ghost in the PLC: Designing an Undetectable Programmable Logic Controller Rootkit via Pin Control Attack 📜](Confs/BlackHat-Europe-16/eu-16-Abbasi-Ghost-In-The-PLC-paper.pdf) - 2016-08: [Differential computation analysis: Hiding your white-box designs is not enough 📜](Confs/CHES2016/978-3-662-53140-2_11.pdf) - 2016-08: [Collecting relations for the Number Field Sieve in $GF(p^6)$ 📜](https://www.cambridge.org/core/journals/lms-journal-of-computation-and-mathematics/article/collecting-relations-for-the-number-field-sieve-in-textgfp6/7CA4DA868670B359E88C9663E4B52F92) - 2016-06: [Design de cryptographie white-box : et à la fin, c'est Kerckhoffs qui gagne 📜](Confs/SSTIC16/SSTIC2016-Article-design_de_cryptographie_white-box_et_a_la_fin_c_est_kerckhoffs_qui_gagne-hubain_teuwen_1.pdf) - 2016-02: [NFLlib: NTT-Based Fast Lattice Library 📜]() ### 2015 - 2015-06: [IRMA : Incident Response and Malware Analysis 📜](Confs/SSTIC15/SSTIC2015-Article-irma_incident_response_and_malware_analysis.pdf) - 2015-06: [Analyse de sécurité de technologies propriétaires SCADA 📜](Confs/SSTIC15/SSTIC2015-Article-analyse_de_scurite_de_technologies_propritaires_scada.pdf) - 2015-06: [Triton: Concolic Execution Framework 📜](Confs/SSTIC15/SSTIC2015_French_Paper_Triton_Framework_dexecution_Concolique_FSaudel_JSalwan.pdf) - 2015-06: [Quatre millions d'échanges de clés par seconde 📜](Confs/SSTIC15/SSTIC2015-Article-4M_kx_per_sec-guinet_aguilar_guelton_lepoint.pdf) ### 20114 - 2014-06: [Désobfuscation de DRM par attaques auxiliaires 📜](Confs/SSTIC14/SSTIC2014-Article-dsobfuscation_de_drm_par_attaques_auxiliaires.pdf) - 2014-06: [Obfuscation de code Python : amélioration des techniques existantes 📜](Confs/SSTIC14/SSTIC2014-Article-obfuscation_de_code_python.pdf) - 2014-06: [Reconnaissance réseau à grande échelle : port scan is not dead 📜](Confs/SSTIC14/SSTIC2014-Article-port_scan_is_not_dead.pdf) - 2014-06: [Recherche de vulnérabilités dans les piles USB : approches et outils 📜](Confs/SSTIC14/SSTIC2014-Article-recherche_de_vulnrabilits_dans_les_piles_usb.pdf) ### 2013 - 2013-06: [Sécurité des applications Android constructeurs et réalisation de backdoors sans permission 📜](Confs/SSTIC13/SSTIC2013-Article-securite_applications_android.pdf) - 2013-06: [UEFI and Dreamboot 📜](Confs/SSTIC13/SSTIC2013-Article-dreamboot_et_uefi-kaczmarek.pdf) ### 2012 - 2012-06: [WinRT 📜](Confs/SSTIC12/SSTIC2012-Article-WinRT.pdf) ## Quarkslab 专业杂志出版物 - 2024-03: [Comprendre et manipuler les mécanismes d’isolation des conteneurs 📜](https://connect.ed-diamond.com/misc/misc-132/comprendre-et-manipuler-les-mecanismes-d-isolation-des-conteneurs) 刊于 MISC Numéro 132 - 2023-05: [Bug Bounty, Quand les hackers deviennent chasseurs de primes ! 📜](https://connect.ed-diamond.com/misc/misc-127/introduction-au-dossier-bug-bounty) 刊于 MISC Numéro 127 - 2023-03: [Comment attaquer un port USB ? 📜](https://connect.ed-diamond.com/misc/misc-126/comment-attaquer-un-port-usb) 刊于 MISC Numéro 126 (免费阅读) - 2023-01: [Dossier: Web 2023, Les nouvelles surfaces d'attaques ! 📜](https://connect.ed-diamond.com/misc/misc-125/introduction-au-dossier-web-2023-les-nouvelles-surfaces-d-attaques) 刊于 MISC Numéro 125 - 2022-11: [Découverte de Fuchsia et analyses préliminaires du Google Nest Hub 📜](https://connect.ed-diamond.com/misc/misc-124/decouverte-de-fuchsia-et-analyses-preliminaires-du-google-nest-hub) 刊于 MISC Numéro 124 - 2022-10: [Isoler ses ressources MS Azure 📜](https://connect.ed-diamond.com/misc/mischs-026/isoler-ses-ressources-ms-azure) 刊于 MISC Numéro HS 26 - 2022-10: [Les nouveautés de sécurité de Kubernetes 📜](https://connect.ed-diamond.com/misc/mischs-026/les-nouveautes-de-securite-de-kubernetes) 刊于 MISC Numéro HS 26 - 2022-10: [Bienvenue chez les cLoud 📜](https://connect.ed-diamond.com/misc/mischs-026/bienvenue-chez-les-cloud) 刊于 MISC Numéro HS 26 - 2022-03: [La compilation statique démythifiée - Une plongée dans les entrailles de mon compilo 📜](https://connect.ed-diamond.com/misc/misc-120/la-compilation-statique-demysthifiee-une-plongee-dans-les-entrailles-de-mon-compilo) 刊于 MISC Numéro 120 (免费阅读) - 2021-09: [Comment analyser un programme : du statique au dynamique jusqu'à l'instrumentation 📜](https://connect.ed-diamond.com/misc/mischs-024/comment-analyser-un-programme-du-statique-au-dynamique-jusqu-a-l-instrumentation) 刊于 MISC HS Numéro 24 - 2021-09: [Introduction au reverse hardware 📜](https://connect.ed-diamond.com/misc/mischs-024/introduction-au-reverse-hardware) 刊于 MISC HS Numéro 24 (免费阅读) - 2021-09: [De l'extraction de firmware à l'exécution de code sur la carte SD FlashAir 📜](https://connect.ed-diamond.com/misc/mischs-024/de-l-extraction-de-firmware-a-l-execution-de-code-sur-la-carte-sd-flashair) 刊于 MISC HS Numéro 24 - 2021-09: [La compilation : du code au binaire... et retour ! 📜](https://connect.ed-diamond.com/misc/mischs-024/la-compilation-du-code-au-binaire...-et-retour) 刊于 MISC HS Numéro 24 (免费阅读) - 2021-09: [Vulnérabilités, Binary Diffing et Crashs 📜](https://connect.ed-diamond.com/misc/misc-117/vulnerabilites-binary-diffing-et-crashs) 刊于 MISC Numéro 117 - 2021-07: [Un EDR sous Android ? 📜](https://connect.ed-diamond.com/misc/misc-116/un-edr-sous-android) 刊于 MISC Numéro 116 (免费阅读) - 2021-03: [Découverte de la puce Titan M a.k.a Citadel 📜](https://connect.ed-diamond.com/MISC/misc-114/decouverte-de-la-puce-titan-m-a.k.a-citadel) 刊于 MISC Numéro 114 (免费阅读) - 2020-11: [Orchestration d'analyse 📜](https://connect.ed-diamond.com/MISC/misc-112/orchestration-d-analyse) 刊于 MISC Numéro 112 (免费阅读) - 2020-11: [Grandeur et décadence de Kubernetes : attaquer le futur Cloud OS 📜](https://connect.ed-diamond.com/MISC/misc-112/grandeur-et-decadence-de-kubernetes-attaquer-le-futur-cloud-os) 刊于 MISC Numéro 112 (免费阅读) - 2020-05: [Introduction à QBDI et ses bindings Python 📜](https://connect.ed-diamond.com/MISC/misc-109/introduction-a-qbdi-et-ses-bindings-python) 刊于 MISC Numéro 109 - 2020-05: [Faciliter la création d'exploits avec DragonFFI : le cas de CVE-200977-18 📜](https://connect.ed-diamond.com/MISC/misc-109/faciliter-la-creation-d-exploits-avec-dragonffi-le-cas-de-cve-200977-18) 刊于 MISC Numéro 109 (免费阅读) - 2019-07: [Exploitation du CVE-200977-18 dans le noyau Windows 📜](https://connect.ed-diamond.com/MISC/misc-104/exploitation-du-cve-200977-18-dans-le-noyau-windows) 刊于 MISC Numéro 104 - 2019-03: [Analyse du contournement de KTRR 📜](https://connect.ed-diamond.com/MISC/misc-102/analyse-du-contournement-de-ktrr) 刊于 MISC Numéro 102 (免费阅读) - 2017-09: [Voyages en C++ie : les symboles 📜](https://connect.ed-diamond.com/MISC/misc-093/voyage-en-cie-les-symboles) 刊于 MISC Numéro 93 (免费阅读) - 2017-07: [Anti-RE 101 📜](https://connect.ed-diamond.com/MISC/misc-092/anti-re-101) 刊于 MISC Numéro 92 ## Quarkslab 硬件 CTF 2025-05: [Hardware CTF v7 🖥️](HardwareCTF/202505_v7_hardweario_usa.pdf) 于 *[Hardwear.io USA 2025](https://hardwear.io/usa-2025/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2788)。 - 2024-10: [Hardware CTF v7 🖥️](HardwareCTF/202410_v7_hardweario_nl.pdf) 于 *[Hardwear.io NL 2024](https://hardwear.io/netherlands-2024/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2561)。 - 2024-05: [Hardware CTF v6 🖥️](HardwareCTF/202405_v6_hardweario_usa.pdf) 于 *[Hardwear.io USA 2024](https://hardwear.io/usa-2024/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2400)。 - 2023-11: [Hardware CTF v6 🖥️](HardwareCTF/202311_v6_hardweario_nl.pdf) 于 *[Hardwear.io NL 2023](https://hardwear.io/netherlands-2023/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2176)。 - 2023-06: [Hardware CTF v5 🖥️](HardwareCTF/202306_v5_hardweario_usa.pdf) 于 *[Hardwear.io USA 2023](https://hardwear.io/usa-2023/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2183)。 - 2022-10: [Hardware CTF v5 🖥️](HardwareCTF/202210_v5_hardweario_nl.pdf) 于 *[Hardwear.io NL 2022](https://hardwear.io/netherlands-2022/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2184)。 - 2022-09: [Hardware CTF v4 🖥️](HardwareCTF/202209_v4_nullcon.pdf) 于 *Nullcon Goa 2022*。结果见 [CTFtime](https://ctftime.org/event/2185)。 - 2022-06: [Hardware CTF v4 🖥️](HardwareCTF/202206_v4_hardweario_usa.pdf) 于 *[Hardwear.io USA 2022](https://hardwear.io/usa-2022/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2186)。 - 2021-10: [Hardware CTF v4 🖥️](HardwareCTF/202110_v4_hardweario_nl.pdf) 于 *[Hardwear.io NL 2021](https://hardwear.io/netherlands-2021/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2187)。 - 2020-03: [Hardware CTF v3 🖥️](HardwareCTF/202003_v3_nullcon.pdf) 于 *Nullcon Goa 2020*。结果见 [CTFtime](https://ctftime.org/event/2188)。 - 2019-09: [Hardware CTF v3 🖥️](HardwareCTF/201909_v3_hardweario_nl.pdf) 于 *[Hardwear.io NL 2019](https://hardwear.io/netherlands-2019/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2189)。 - 2019-06: [Hardware CTF v2 🖥️](HardwareCTF/201906_v2_hardweario_usa.pdf) 于 *[Hardwear.io USA 2019](https://hardwear.io/usa-2019/ctf.php)*。结果见 [CTFtime](https://ctftime.org/event/2190)。 - 2019-03: Hardware CTF v2 于 *Nullcon Goa 2019*。结果见 [CTFtime](https://ctftime.org/event/2191)。 - 2018-09: [Hardware CTF v2 🖥️

标签：ASLR, BinDiff, BLE, Hash算法, MIPS32, Quarkslab, Sighthouse, TruffleHog, Typst, WHAD, 二进制分析, 二进制比对, 云安全运维, 云资产清单, 会议演讲, 学术论文, 嵌入式系统, 开发者评论分析, 情报收集, 技术分享, 文档系统, 混淆技术, 漏洞研究, 硬件安全, 签名检测, 编程语言, 网络安全, 蓝牙低能耗, 调试技术, 逆向工程, 隐私保护