I’m a first-year student @ NYU and a security engineer. I’ve previously worked at Trail of Bits and SSL. I specialize in program analysis and reverse engineering, cryptography, compilers, and security automation.

I’m passionate about building secure and efficient systems that bridge together with research innovations. Previous professional and personal work I’ve done included endeavors in scalable intrusion detection, fuzzing automation, and cryptographic assurance. I’m looking forward to working more with distributed systems, privacy research, and technical governance and policy.

I also write here! Besides the usual security/software development articles, I also (want to) publish about the intersectionaliy between security and culture, and technical governance.

Feel free to reach out if have any specific inquiries! You can also find a copy of my resume here.


Notable Work

Professional

  • sandshrew ~ Manticore-based plugin for concolic testing and verification on cryptographic software.
  • DeepState ~ unit test-like interface for fuzzing and symbolic testing.

Personal

  • brute ~ crowd-soruced credential stuffing engine for security professionals.
  • binsec ~ Swiss Army Tool for Binary (In)security
  • microkv ~ minimal persistent key-value store built for security.
  • confine ~ binary application firewall written in Rust.
  • ... and more on Github!


Research

  • ffuzz ~ grammar fuzzing architecture (stealth mode)
  • CrashSimulator ~ crash-replay system that performs mutation analysis through anomaly injection.
  • PolyPasswordHasher.rs ~ Rust implementation for the PolyPasswordHasher secret sharing-based password database.
  • Ghostpass ~ novel(ty) cryptosystem based on textual steganography and plausible deniability.

Misc. & Archived

  • doxbox ~ web-based OSINT and reconaissance toolkit.
  • newton.css ~ experimental CSS typography framework for minimal design.


Contact Me

You can reach out to me through email at alan [at] codemuch.tech, or find me on Keybase as @ex0dus.

You can also find me on Github, Twitter and LinkedIn.