Projects

A selection of my technical work

PPST

Privacy Policy Summary Tool (PPST)

PPST is a full-stack application that helps users understand privacy policies quickly. It summarizes what data is collected, how it's used, and who it's shared with. Additionally, it highlights risky terms or practices related to user data privacy.

Live App
md5-collision

MD5 Collision

Demonstrated how MD5 collisions can be generated and exploited using available tools, and to understand the underlying vulnerabilities in the MD5 hashing algorithm.

GitHub Repo
rand-num

Random Number Generation for Security

Implemented and analyzed random number generators used in security applications like encryption key creation.

GitHub Repo
symmetric encryption

Symmetric Enc. & Cipher Modes

Explored common vulnerabilities due to misconfiguration or misuse of cryptographic modes, and demonstrated attacks like known-plaintext and chosen-plaintext attacks.

GitHub Repo
pub-key-enc

Public Key Enc. and Digital Signatures

Demonstrated practical usage of RSA for secure communication, encryption, decryption, and digital signatures using both C (with OpenSSL) and Python.

GitHub Repo
Buffer Overflow

Buffer Overflow Exploitation

Used SEED Labs to bypass ASLR and craft exploits targeting vulnerable binaries in a sandboxed lab.

GitHub Repo
XSS Attack

Cross-Site Scripting (XSS)

Demonstrated XSS vulnerabilities in Elgg, built a self-replicating worm, and studied its impact.

View Report