Essential Linux Commands for CTF

Hi, I decided to write down a collection of Linux commands that I have found useful. So, here we go: Open Ports. Note: will keep it updated from time to time.

Capture the Flag (CTF)

On behalf of the Institute of Cybersecurity and Privacy, UGA, I would like to invite you to join us in our upcoming UGA Capture The Flag (CTF) Workshop. This workshop will be open to all UGA Computer Science and CyberSecurity&Privacy students who are interested in learning practical cybersecurity skills and potentially joining the UGA CTF…

Secure Programming [CSCI 8245]

This is a special course I teach at the University of Georgia every Spring semester. This is a senior grad class. In this course, students will first learn about the security threats of unsafe languages and program analysis methods to identify software vulnerabilities. Later, the class will continue based on the fastest-growing memory-safe language (i.e. Rust)…

CyberSecurity [CSCI 4250/6250]

This is a regular course I teach at the University of Georgia every Fall semester. This is a combined class (i.e. both undergrad and grad students are welcome). This is an introductory class on cybersecurity where we mostly focus on software, system, web, and network security with a minor in cryptography, mobile, hardware, IoT, AI…

Research Review: Fuzzing Linux Kernel

MoonShine: Optimizing OS Fuzzer Seed Selection with Trace Distillation
Link: https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-pailoor.pdf
Source Code: N/A
Summary: Syzkaller is one of the most popular kernel fuzzers. It generates a sequence of random system calls. Due to the randomness, most of them are unrealistic cases. They lose efficiency because they don’t consider dependencies (both implicit and explicit) among system…

Research Review: Control Flow Integrity

GRIFFIN: Guarding Control Flows Using Intel Processor Trace
Link: https://dl.acm.org/citation.cfm?id=3037716
Source Code: https://github.com/TJAndHisStudents/Griffin-Trace
Summary: The authors only attempt to prove the performance overhead optimization using Intel PT for online verification. They claim to verify the enforcement policy for both backward and forward indirect control transfers with different strictness of policy when they completely discard the discussion regarding how they…