Course Overview
An intensive, project-driven exploration of computer security principles and applied cryptography. The coursework focused on exploiting memory safety vulnerabilities at the binary level, identifying web application flaws, and engineering cryptographically secure systems from the ground up to resist active adversaries.
Core Project: Secure File Sharing System (project2, Go)
Architected a secure, end-to-end encrypted, and distributed file-sharing client in Go, capable of resisting active Datastore adversaries attempting to tamper with or leak data.
- Cryptographic Data Protection: Designed a robust Authenticated Encryption scheme (Encrypt-then-MAC) utilizing AES and HMAC to guarantee data confidentiality and integrity. Securely derived keys from user passwords via HashKDF and employed deterministic UUIDs to obscure storage locations.
- Secure Sharing & Access Control: Implemented a cryptographic capability system using RSA digital signatures and hybrid encryption. Facilitated secure file sharing by appending encrypted invitations and verifying owner signatures, ensuring only authorized users could reconstruct the symmetric file keys.
- Efficient File Revocation & Appends: Engineered a strict revocation mechanism that completely regenerates symmetric keys and randomizes Datastore UUIDs, permanently evicting revoked users. Optimized file modifications by appending encrypted blocks (maintaining MACs and IVs), significantly minimizing network bandwidth overhead.
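The Encrypt-then-MAC construction from the Cryptographic Data Protection bullet, as an added example that is not the project's own code. It assumes AES-CTR with HMAC-SHA256 and uses a hypothetical HMAC-based subkey derivation in place of the HashKDF the page mentions; the key and file contents are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

func mac(key, data []byte) []byte { // HMAC-SHA256; also the assumed purpose-bound KDF
	m := hmac.New(sha256.New, key)
	m.Write(data)
	return m.Sum(nil)
}

func ctr(root, iv, src []byte) []byte { // AES-CTR keystream XOR: encrypts and decrypts
	block, _ := aes.NewCipher(mac(root, []byte("enc"))[:16]) // 16-byte key cannot fail
	dst := make([]byte, len(src))
	cipher.NewCTR(block, iv).XORKeyStream(dst, src)
	return dst
}

func Seal(root, plaintext []byte) []byte { // returns IV || ciphertext || tag
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		panic(err) // no safe fallback without fresh randomness
	}
	body := append(iv, ctr(root, iv, plaintext)...)
	return append(body, mac(mac(root, []byte("mac")), body)...)
}

func Open(root, blob []byte) ([]byte, error) {
	if len(blob) < aes.BlockSize+sha256.Size {
		return nil, fmt.Errorf("blob too short")
	}
	body, got := blob[:len(blob)-sha256.Size], blob[len(blob)-sha256.Size:]
	if !hmac.Equal(got, mac(mac(root, []byte("mac")), body)) { // verify before decrypting
		return nil, fmt.Errorf("integrity check failed")
	}
	return ctr(root, body[:aes.BlockSize], body[aes.BlockSize:]), nil
}

func main() {
	blob := Seal([]byte("constructed key"), []byte("file contents"))
	blob[20] ^= 1 // constructed tampering: one ciphertext bit flipped in storage
	fmt.Println(Open([]byte("constructed key"), blob))
}
```

Because the tag covers the IV as well as the ciphertext, a stored blob whose IV has been swapped is rejected the same way as one with modified ciphertext.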
Individual Security Projects
Completed a rigorous series of offensive security assignments, focusing on low-level binary exploitation in C/x86 and web application vulnerability discovery.
1. Memory Safety Vulnerabilities & Exploitation (project1, C/x86 Assembly/Python)
Developed sophisticated exploits to bypass modern binary protection mechanisms (ASLR, Stack Canaries, NX bits) on x86 Linux architectures.
- Advanced Stack Smashing & Pivoting: Executed buffer overflows via integer sign-extension bugs (fread) and off-by-one loop errors. Weaponized saved frame pointer (SFP) overwrites to pivot the stack (ebp) and redirect execution flow to custom shellcode stored in environment variables.
- Protection Bypasses (ASLR & Canaries): Defeated stack canaries through out-of-bounds read info-leaks. Bypassed ASLR by leaking memory addresses (e.g., printf location) and executing “ret2ret” stack juggling chains to smoothly land on execution targets.
- Format String & Concurrency Exploits: Exploited format string vulnerabilities (%hn) to perform arbitrary half-word memory writes and overwrite instruction pointers (rip). Weaponized Time-of-Check to Time-of-Use (TOCTOU) race conditions to bypass file length validations and trigger buffer overflows.
2. Web Application Security (project3, Web/SQL/JS)
Discovered and exploited severe vulnerabilities in a mock web platform, subsequently formulating and implementing robust mitigation strategies.
- Injection & Path Traversal: Exploited unparameterized SQL queries via search inputs and session token cookies to bypass authentication and exfiltrate administrator database hashes (subsequently cracked offline using Hashcat and dictionary attacks). Leveraged file-renaming flaws to execute Directory Traversal (../) and leak internal server configuration files.
- Cross-Site Scripting (XSS) & CSRF: Chained Stored and Reflected XSS vulnerabilities to execute malicious JavaScript contextually. Successfully hijacked user session cookies and forged state-changing POST requests to trigger unauthorized mass file deletions.
- Vulnerability Mitigation: Proposed comprehensive defense mechanisms, including parameterized SQL queries, strict input sanitization/escaping, and the implementation of robust Content Security Policies (CSP) to neutralize script injections.
Technical Stack
- Languages: Go, C, x86 Assembly, Python, SQL, JavaScript
- Concepts: Applied Cryptography (Symmetric/Asymmetric, HMAC, KDF), Buffer Overflows, ROP, ASLR/Canary bypass, XSS, SQLi, CSRF, TOCTOU.
- Tools: GDB, Hashcat.