Projects


X-Force Tread

During my 2023 summer internship with IBM X-Force Red, my team discovered several vulnerabilities in smart treadmills. We wanted to know what risks internet-connected gym equipment posed to users, including privacy, cybersecurity, and physical security risks. This research resulted in 6 CVEs being assigned and demonstrated that some of these machines can be stopped remotely while they are being used, resulting in potential harm to a user.

Official Article: X-Force discovers new vulnerabilities in smart treadmill

Blog Post: X-Force Tread


ChatCSEC

As my undergraduate Capstone project, I am working with a team to develop a chatbot based on a large language model (LLM) that is trained with specialized cybersecurity knowledge. The chatbot is designed to assist cybersecurity students by providing recent and detailed information in response to queries related to computing security.

Project Link: https://github.com/NamesAreDifficult/ChatCSEC


Attacking 1000 Guess

My final project in my Blockchain Security class involved demonstrating a security weakness associated with blockchain technology. I worked with a team to develop an implementation of the insecure decentralized application 1000 Guess, a lottery game running as a decentralized application (dApp) on the Ethereum blockchain. Additionally, we demonstrated an attack against the original game and created a version of the game that is not vulnerable to the attack.

Project Link: https://github.com/qu3ri/Attacking-1000-Guess

Blog Post: Attacking 1000 Guess

Presenations

RITlug Talks:
Intro to the Linux Command Line
Pluggable Authentication Modules (PAM)
Pentesting Linux Systems
Mainframes


RITSEC Talks:
Vim Power Users
Pentesting
Introduction to Mainframes and z/OS X-Force tREaD