Quarkslab is a French company specializing in information security R&D, consulting and software development. Our expertise is in combining offensive and defensive security to help organizations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organizations, helping them to protect their assets, sensitive data, and users against increasingly sophisticated attacks.
Quarkslab is an avid and active user of, and contributor to, Open Source Software and develops and maintains state-of-the-art security tools such as LIEF , QBDI, Triton, Irma, and several other projects.
We develop two commercial software products: QFlow, a platform to automate and orchestrate security analysis of files at scale, and QShield, advanced code and data protection software to disrupt code lifting, reverse engineering and tampering attacks.
At Quarkslab, we have been developing application protection tools since 2014, featuring obfuscation and runtime application self protections (RASP). This tool relies on a compiler framework, LLVM, and thus comes as a replacement of the regular compiler used by our customers.
A challenge we face is to explain the impact of these protections to our customers during sales meetings, events, and technical training processes: many of our partners have limited or even no knowledge about reverse engineering and the internals of a compiler.
The goal of this internship is to design a series of demonstrations (code and documentation) and presentations for the protections provided by our tools. You will work under the supervision of our Product Manager, with the support of the engineering, marketing and CX teams. You will first have to understand how the tool and its various protections work, and then find ways to make them accessible to non-experts.
What you will do
During the internship, you will learn:
A now well-known obfuscation technique relies on so-called Mixed Boolean-Arithmetic (MBA) expressions:
Some info about MBA can be found in this article
How to Apply?
To apply for an internship position, you must be a student, able to communicate effectively technical matters in written and spoken English, and willing to present the results of your internship to a large group of curious Quarkslab colleagues.
To apply prepare the following elements:
Package these elements and send them via email to internship-AT-quarkslab-DOT-com, with the subject field containing the internship name mentioned in the respective offer. Alternatively, you can apply here with all the above attached.
Do not forget that the key aspect of a good application is to show what you have already achieved, related to the topic or not. So do not be shy and apply! We know that you can do it.
Each internship offer comes with a little assignment that should not require too much time to be completed. The result will show us not only the type of skills and knowledge you already possess, but also how ingenious you are and how well you can present your reasoning. It will serve as the basis for the interview you will have in the selection process. The assignment works both ways and is also intended to make sure that you like the topic as well as the technical aspects of the internship. If unsure about a specific aspect of a challenge, do not hesitate to drop us an email. We want to discuss not frustrate you!
The first applications usually reach us by November, and we start reviewing them right away. Every year, the filling is alike: half of the internships are filled by Christmas, while the others remain open until March.
Being an Intern at Quarkslab
We consider internships as opportunities to spot profiles that match how we work. They are intended to guide students to enter the professional world as potential future colleagues if they feel like it. We love interns because they bring fresh air to the company and because we see them grow, not only during the internship but also after, when they are hired and can get to work on so many other topics. There are two goals in every internship we offer:
Training and growing people in the security industry is part of the company's DNA. That is why we provide in-depth blogposts, tools, trainings, weekly internal conferences (called fridaycon, guess when they are), we teach in universities and schools, write articles in tech magazines and send our less experienced hires to a 6-month intensive training program (BADGE-RE or BADGE-SO). Sharing is caring, but sharing is also learning. We provide the environment for that the rest relies on you.
Intern package in France:
To qualify as a candidate, you should: