I’m a security researcher specializing in low-level and web vulnerabilities and exploitation, reverse engineering, and binary analysis.
Publications
- A. Cao, B. Dolan-Gavitt - What the Fork? Finding and Analyzing Malware in GitHub Forks.
- A. Kellas, A. Cao, P. Goodman, J. Yang - Divergent Representations: When Compiler Optimizations Enable Exploitation.
Recent posts
- (xpost) A deep dive into Linux’s new mseal syscall
- Launching a supply chain counter-attack against Google/OpenSSF
- (xpost) Abusing Anubis LMS's Autosave to Break into Student GitHub Repositories
- Finding Fuzzable targets with static analysis and Binary Ninja
- (xpost) Ensemble Fuzzing for Bug-hunting with DeepState