Yan Shoshitaishvili

Associate Professor

Tempe, Arizona, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Yan Shoshitaishvili is an Associate Professor and veteran cybersecurity engineer with 23 years of experience building tools and teaching at the intersection of binary analysis, exploit development, and automated vulnerability discovery. He co-founded the angr binary-analysis framework and pwncollege, led Shellphish CTF as Captain Emeritus, and directs the American Cybersecurity Education Institute, blending research, pedagogy, and competitive security practice. His open-source contributions span low-level projects like angr, rex (automated exploitation), preeny, and driller, demonstrating expertise from symbolic execution to LD_PRELOAD-based binary patching and heap exploitation. At ASU he translates cutting-edge research into curriculum and tools that scale to real-world security problems, while continuing to shepherd developer-facing GUIs and documentation for complex analysis platforms. Notably, his work on automating exploitation (rex) and integrating symbolic execution with fuzzing (driller) reflects a rare combination of offensive craftsmanship and engineering rigor.
code23 years of coding experience
job7 years of employment as a software developer
bookRensselaer Polytechnic Institute
bookDoctor of Philosophy - PhD, Computer Science, Doctor of Philosophy - PhD, Computer Science at University of California, Santa Barbara
github-logo-circle

Github Skills (52)

javascript10
heap-dump10
system-programming10
python10
patch10
vulnerability10
linux10
c1110
c-programming10
binarydiff10
security10
c1710
exploit10
code-analysis10
exp10

Programming languages (10)

DockerfileShellC++CSSCRustTeXJavaScript

Github contributions (5)

github-logo-circle
zardus/ctf-tools

May 2015 - Jul 2020

Some setup scripts for security research tools.
Role in this project:
userSecurity Engineer
Contributions:315 commits, 148 PRs, 396 pushes in 5 years 3 months
Contributions summary:Yan's contributions primarily involve integrating and patching security-related tools. They worked on integrating tools such as crosstool-ng, pathgrind, xspy, and qira, showing a focus on security analysis. Furthermore, they fixed paths, made adjustments to build processes, and addressed vulnerabilities in tools, specifically stegdetect and elfparser.
security-toolssecurity-researchbugbountysecuritypenetration-testing
zardus/preeny

Mar 2015 - Feb 2019

Some helpful preload libraries for pwning stuff.
Role in this project:
userBack-end Developer & Security Engineer
Contributions:1 release, 56 commits, 44 PRs in 3 years 11 months
Contributions summary:Yan contributed significantly to the `preeny` project, a collection of preload libraries for pwning. Their work involved implementing features that patch binaries via `LD_PRELOAD`, indicating a focus on system-level modifications and binary analysis. They also addressed bug fixes and added logging capabilities for debugging, demonstrating involvement in core functionality and system interactions, as well as security testing and exploitation techniques. Further contributions include functionalities for random number generation, socket interception and manipulation, and signal handling.
helpfulpreload
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Yan Shoshitaishvili - Associate Professor