Internships 2017

Tue 18 October 2016 by Bruno

This year we have 5 open positions for internships:

  • Python code obfuscation
  • Bootkit TrustZone
  • Malware hunting in Windows kernel
  • Windows privilege escalation
  • Machine Learning for threat intelligence
Duration of internships : 4-6 months
Location : Paris (Issy les Moulineaux)

Internship 1: Python code obfuscation


The goal of ...

read more

Deep-Dive in WoW64

Mon 12 September 2016 by hakril


When working on PythonForWindows, I had multiple encounters with some specificities of WoW64 (Windows 32-bit on Windows 64-bit) and the challenges/opportunities it offers.

Few weeks ago, I tried to play once again with cross-bitness execution and more precisely 64b Vectored Exception Handler (VEH). What I thought would be ...

read more

The Story of yet another ransom-fail-ware

Tue 07 June 2016 by PAF, mirak

This article explains why it is still worth trying to reverse engineer a ransomware in order to retrieve your encrypted files. You may find a tool to decrypt the files modified by this specific ransomware at the end of the article.

read more

SMM unchecked pointer vulnerability

Mon 30 May 2016 by Bruno


This article explains the exploitation of an SMM unchecked pointer vulnerability present in several firmwares. As this vulnerability is a memory corruption, it only applies to firmwares including the unpatched vulnerable DXE driver.

It first explains the SMM mode and some of its mechanisms, then the reversing of ...

read more

Internships 2015

Fri 24 October 2014 by cedric

This year, we have 4 open positions for internships:

  • Analysis of a virtualization platform
  • Binary instrumentation
  • Bootkit UEFI
  • Indicator Of Compromise (IOC) recovery tool

Internship 1: Analysis of a virtualization platform


The purpose of this internship is to study a virtualization system currently used in the cloud. The effective ...

read more

Exploiting a vulnerability in HTC One bootloader and bruteforcing the PIN/password

Wed 23 July 2014 by cedric


This article deals with the presence of the "read_mmc" command in the HTC One phone. Our target phone had Android 4.2.2 and HBOOT 1.54.0000. This vulnerability has been reported to HTC in February 2014 and has been fixed with the Kit Kat (4.4 ...

read more

A quick security review of the Uhuru Mobile demo ROM

Wed 19 March 2014 by kalenz


From February 23 to February 28, we had the opportunity to look at the demo ROMof Uhuru Mobile. Uhuru Mobile is supposed to be a secure Mobile DevicesManagement solution, including its own store, an application validation processall that on top of a hardened Android with protection against unknown code ...

read more

Internships 2014

Fri 15 November 2013 by cedric

We have 4 open positions for internships:

  • Assessment of tools detecting APT
  • Binary instrumentation
  • Analysis of a virtualization platform
  • Electronic Control Units (ECU) analysis

Internship 1: Assessment of tools detecting APT


The first part of the internship consists of analyzing different solutions that detect advanced attacks. Then, based on ...

read more

Presence at 2013

Wed 02 October 2013 by cedric

As some people may have already noticed, we will be present at 2013!

There has been extensive research and attacks on iPhone bootloaders but the Android world is quite large with multiple hardware manufacturers, and therefore has not been fully explored yet. To fill the void, we have ...

read more

And the winner is... KECCAK !

Wed 24 October 2012 by chrys

On November 2006, NIST (National Institute of Standards and Technology) announced a public competition for developing a new cryptographic hash algorithm which would become SHA-3. The submission dead-line was October 2008. NIST received 64 submissions and announced 51 valid candidates for the first round in December 2008 and 14 (including ...

read more