I am a PhD student working on the CHERI research project at Cambridge. My PhD explores the security benefits that CHERI provides (and does not), by means of identifying vulnerabilities that induce CHERI crashes and those that do not, as well as limitations and successful attempts at exploitation of existing and new-found vulnerabilities in CHERI-enabled systems. Additionally, I explore non-CHERI stuff, systems, toolchain and software in general. I’ve also taken part in several cybersecurity competitions, focusing on binary exploitation.

Selected projects

KASAN support for CHERI-enabled hardware, CHERI+KASAN performance enhancements, KASAN OOB and UAF detection enhancements applicable to FreeBSD.

AddressSanitizer for CheriABI programs with CHERI-enabled performance and memory enhancements.

  • CHERI+AFL++ (not released yet):

AFL++ fuzzer for CheriABI programs using LLVM PCGUARD.

  • [With HackerChai] Syzkaller for CheriBSD (not released yet):

Kernel fuzzer for CheriBSD purecap kernels based on syzkaller and enhanced fuzzing capabilities.

GDB Enhanced Features to make debugging CheriABI programs more appealing.

jemalloc and snmalloc GEF heap analysis plugins.

Working Ghidra SRE suite for Arm Morello architecture.

Emulation of Arm Morello CPU instructions.