Skip to content
View ESultanik's full-sized avatar

Organizations

@crytic

Block or report ESultanik

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
ESultanik/README.md

Evan Sultanik, Ph.D.

Twitter Link website CC BY NC SA 4.0

Evan is a principal computer security researcher based in Philadelphia working at Trail of Bits. He has a couple dozen academic publications, but most of them are related to distributed systems and combinatorial optimization, not security. He is also an editor of and frequent contributor to the offensive computer security journal Proof of Concept or GTFO.

Evan’s woefully out-of-date rΓ©sumΓ© is a PDF that is also a ZIP as well as an Nintendo Entertainment System ROM! That’s right: Evan’s rΓ©sumΓ© PDF is a valid NES ROM that you can emulate! Check the footnotes on the first page. If you don't have an NES emulator handy, you can actually emuluate the PDF in your browser. Evan also has an even more woefully out-of-date academic curriculum vitΓ¦.

Aside from when writing in a biographical format, Evan does not usually refer to himself in the third person.

The following are some of my selected projects.

Program Analysis πŸ”Ž

Automated program instrumentation and bug-finding. This section is for general program analysis tools. Tools related to to Blockchain technology and smart contracts are in their own section, below.

PolyTracker

co%E2%80%91creator maintainer GitHub GitHub Stars PyPI Downloads License

An LLVM-based universal taint and data-flow analysis instrumentation framework. Can track up to 232 input bytes.

Manticore

contributor GitHub GitHub Stars PyPI Downloads License

Symbolic execution engine for x86, ARM, and EVM.

Fickling

creator maintainer GitHub GitHub Stars PyPI Downloads License

Fickling is a decompiler, static analyzer, and bytecode rewriter for Python pickle object serializations.

Pickled Python objects are in fact bytecode that is interpreted by a stack-based virtual machine built into Python called the "Pickle Machine". Fickling can take pickled data streams and decompile them into human-readable Python code that, when executed, will deserialize to the original serialized object.

I do not prescribe any meaning to the β€œF” in Fickling; it could stand for β€œfickle,” … or something else. Divining its meaning is a personal journey in discretion and is left as an exercise to the reader.

Learn more about it in our blog post and DEF CON 2021 talk.

Funky Files πŸ“„

A lot of my recent work has been on developing examples of funky files that exploit buggy file formats and parsers (see the footnotes on the first page of my rΓ©sumΓ©, for example), as well as tools to make file formats and parsers safer.

PolyFile

creator maintainer GitHub GitHub Stars PyPI Downloads License

A cleanroom, pure-Python implementation of libmagic that can identify files, is smart about polyglots (files that are multiple types at the same time), can output an interactive HTML-based hex viewer, and recursively enumerate the contents of a file (similar to binwalk).

A PDF Git Repository Polyglot

creator

I created a PDF that is a git repository that, when cloned, contains its LaTeX source code and a copy of itself. The PDF contains an article describing how I did it.

Utilities πŸ› 

I enjoy building generic command line utilities and libraries.

Graphtage

creator maintainer GitHub GitHub Stars PyPI Downloads License

Graphtage is a command-line utility and underlying library for semantically comparing and merging tree-like structures, such as JSON, XML, HTML, YAML, plist, and CSS files. Its name is a portmanteau of β€œgraph” and β€œgraftage”—the latter being the horticultural practice of joining two trees together such that they grow as one.

It-Depends

co%E2%80%91creator maintainer GitHub GitHub Stars PyPI Downloads License

It-Depends is a tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories. You can use it to enumerate all third party dependencies for a software package, map those dependencies to known security vulnerabilities, as well as compare the similarity between two packages based on their dependencies.

Notify When Done (nwd)

creator maintainer GitHub GitHub Stars PyPI Downloads License

Notify When Done (nwd) is a utility for triggering alerts when a process finishes. Kicking off a long-running compile? NWD can post a popup notification when it's done. Starting a job on a remote server? nwd can send you an E-mail when it’s done. Want to run a custom script once another finishes? nwd can facilitate that, too.

Biggest

creator maintainer GitHub GitHub Stars PyPI Downloads License

A utility for finding the largest directories and/or files in a given directory hierarchy. Biggest supports pretty printed and colorized output to the terminal.

Cryptography πŸ”

Despite dabbling in cryptography, I am not a cryptographer. Do not use this code to secure your secrets.

Lenticrypt

creator maintainer GitHub GitHub Stars PyPI Downloads License

A proof-of-concept cryptosystem that provides provable plausibly deniable encryption. Lenticrypt can generate a single ciphertext file such that different plaintexts are generated depending on which key is used for decryption.

Blockchain β›“

β€œCrypto” πŸ‘ Means πŸ‘ Cryp πŸ‘ to πŸ‘ gra πŸ‘ phy!

I no longer own any cryptocurrency. I know too much about how the sausage is made.

The most ethical way I can contribute to that ecosystem is to build tools that at least make it safer for those who are willing to transact with it. The following are those tools.

Etheno

creator maintainer GitHub GitHub Stars PyPI Downloads License

Etheno is the Ethereum testing Swiss Army knife. It’s a JSON RPC multiplexer, analysis tool wrapper, and test integration tool. It eliminates the complexity of setting up analysis tools like Manticore and Echidna on large, multi-contract projects. In particular, custom Manticore analysis scripts require less code, are simpler to write, and integrate with Truffle.

solc-select

creator GitHub GitHub Stars PyPI Downloads License

I am the creator of the original version of solc-select: A tool to quickly switch between Solidity compiler versions.

Slither

contributor GitHub GitHub Stars PyPI Downloads License

I am a contributor to Slither, a Solidity static analysis framework. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.

Ethereum Security Toolbox

creator maintainer GitHub GitHub Stars License Docker Pulls

This is a Docker container I built that is preconfigured and automatically updated with the latest Ethereum security tooling.

Echidna

contributor GitHub GitHub Stars License

I am a contributor to Echidna, a fuzzer/property-based tester of Ethereum smarts contracts. It uses sophisticated grammar-based fuzzing campaigns based on a contract ABI to falsify user-defined predicates or Solidity assertions.

Pinned Loading

  1. lenticrypt lenticrypt Public

    A simple cryptosystem that provides provable plausibly deniable encryption.

    Python 87 10

  2. PDFGitPolyglot PDFGitPolyglot Public

    In which a PDF is a Git Repository Containing its own LaTeX Source and a Copy of Itself

    TeX 32 3

  3. crytic/etheno crytic/etheno Public

    Simplify Ethereum security analysis and testing

    Python 335 32

  4. trailofbits/graphtage trailofbits/graphtage Public

    A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.

    Python 2.4k 46

  5. trailofbits/polytracker trailofbits/polytracker Public

    An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.

    C++ 537 45

  6. trailofbits/polyfile trailofbits/polyfile Public

    A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewer

    Python 338 22