I'm Robin. I am a Software Security Researcher @ Quarkslab. Below are some projects I am developing or contributing to.
Fuzzing / Symbolic Execution:
- PASTIS: Collaborative fuzzing infrastructure. It leverages AFL++, Honggfuzz and TritonDSE (thus greybox and whitebox fuzzing) for program coverage and bug discovery.
- TritonDSE: Symbolic Execution engine based on Triton built for automatic program coverage exploration. It has been designed to encompass multiple program analysis use-cases.
Deobfuscation / Program Synthesis:
- Qsynthesis: Program synthesizer geared for deobfuscation. It leverages Triton for symbolic execution, and also LevelDB, Z3, llvmlite and capstone.
- idasec: (no longer maintained) opaque predicate deobfuscation and trace generation via an IDA Pro plugin (using Binsec)
Diffing / Firmware Analysis: Portal
- QBinDiff: Binary differ, based on Network Alignment and Belief Propagation
- python-bindiff: Python wrapper and API for Bindiff
- python-binexport: Python wrapper and API for BinExport
Other:
- pydimacs: simple module to manipulate CNF (Conjunctive Normal Form), graphs using Z3 Python API
⬇️ just here
- Our Pwn2Own journey against time and randomness Pt.2
- PASTIS: for Distributed Ensemble Fuzzing
- QBinDiff: A modular diffing toolkit
- Introducing TritonDSE for Dynamic Symbolic Execution
- A Brief Overview of Auditing Polkadot XCMv2
- Audit of the MimbleWimble Integration Inside Litecoin
- Remote Denial-of-Service on CycloneTCP : CVE-2021-26788
- An Experimental Study of Different Binary Exporters