Skip to content
View ESultanik's full-sized avatar

Organizations

@crytic
Block or Report

Block or report ESultanik

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
ESultanik/README.md

Evan Sultanik, Ph.D.

Twitter Link website CC BY NC SA 4.0

Evan is a principal computer security researcher based in Philadelphia working at Trail of Bits. He has a couple dozen academic publications, but most of them are related to distributed systems and combinatorial optimization, not security. He is also an editor of and frequent contributor to the offensive computer security journal Proof of Concept or GTFO.

Evan’s woefully out-of-date résumé is a PDF that is also a ZIP as well as an Nintendo Entertainment System ROM! That’s right: Evan’s résumé PDF is a valid NES ROM that you can emulate! Check the footnotes on the first page. If you don't have an NES emulator handy, you can actually emuluate the PDF in your browser. Evan also has an even more woefully out-of-date academic curriculum vitæ.

Aside from when writing in a biographical format, Evan does not usually refer to himself in the third person.

The following are some of my selected projects.

Program Analysis 🔎

Automated program instrumentation and bug-finding. This section is for general program analysis tools. Tools related to to Blockchain technology and smart contracts are in their own section, below.

PolyTracker

co%E2%80%91creator maintainer GitHub GitHub Stars PyPI Downloads License

An LLVM-based universal taint and data-flow analysis instrumentation framework. Can track up to 232 input bytes.

Manticore

contributor GitHub GitHub Stars PyPI Downloads License

Symbolic execution engine for x86, ARM, and EVM.

Fickling

creator maintainer GitHub GitHub Stars PyPI Downloads License

Fickling is a decompiler, static analyzer, and bytecode rewriter for Python pickle object serializations.

Pickled Python objects are in fact bytecode that is interpreted by a stack-based virtual machine built into Python called the "Pickle Machine". Fickling can take pickled data streams and decompile them into human-readable Python code that, when executed, will deserialize to the original serialized object.

I do not prescribe any meaning to the “F” in Fickling; it could stand for “fickle,” … or something else. Divining its meaning is a personal journey in discretion and is left as an exercise to the reader.

Learn more about it in our blog post and DEF CON 2021 talk.

Funky Files 📄

A lot of my recent work has been on developing examples of funky files that exploit buggy file formats and parsers (see the footnotes on the first page of my résumé, for example), as well as tools to make file formats and parsers safer.

PolyFile

creator maintainer GitHub GitHub Stars PyPI Downloads License

A cleanroom, pure-Python implementation of libmagic that can identify files, is smart about polyglots (files that are multiple types at the same time), can output an interactive HTML-based hex viewer, and recursively enumerate the contents of a file (similar to binwalk).

A PDF Git Repository Polyglot

creator

I created a PDF that is a git repository that, when cloned, contains its LaTeX source code and a copy of itself. The PDF contains an article describing how I did it.

Utilities 🛠

I enjoy building generic command line utilities and libraries.

Graphtage

creator maintainer GitHub GitHub Stars PyPI Downloads License

Graphtage is a command-line utility and underlying library for semantically comparing and merging tree-like structures, such as JSON, XML, HTML, YAML, plist, and CSS files. Its name is a portmanteau of “graph” and “graftage”—the latter being the horticultural practice of joining two trees together such that they grow as one.

It-Depends

co%E2%80%91creator maintainer GitHub GitHub Stars PyPI Downloads License

It-Depends is a tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories. You can use it to enumerate all third party dependencies for a software package, map those dependencies to known security vulnerabilities, as well as compare the similarity between two packages based on their dependencies.

Notify When Done (nwd)

creator maintainer GitHub GitHub Stars PyPI Downloads License

Notify When Done (nwd) is a utility for triggering alerts when a process finishes. Kicking off a long-running compile? NWD can post a popup notification when it's done. Starting a job on a remote server? nwd can send you an E-mail when it’s done. Want to run a custom script once another finishes? nwd can facilitate that, too.

Biggest

creator maintainer GitHub GitHub Stars PyPI Downloads License

A utility for finding the largest directories and/or files in a given directory hierarchy. Biggest supports pretty printed and colorized output to the terminal.

Cryptography 🔐

Despite dabbling in cryptography, I am not a cryptographer. Do not use this code to secure your secrets.

Lenticrypt

creator maintainer GitHub GitHub Stars PyPI Downloads License

A proof-of-concept cryptosystem that provides provable plausibly deniable encryption. Lenticrypt can generate a single ciphertext file such that different plaintexts are generated depending on which key is used for decryption.

Blockchain ⛓

“Crypto” 👏 Means 👏 Cryp 👏 to 👏 gra 👏 phy!

I no longer own any cryptocurrency. I know too much about how the sausage is made.

The most ethical way I can contribute to that ecosystem is to build tools that at least make it safer for those who are willing to transact with it. The following are those tools.

Etheno

creator maintainer GitHub GitHub Stars PyPI Downloads License

Etheno is the Ethereum testing Swiss Army knife. It’s a JSON RPC multiplexer, analysis tool wrapper, and test integration tool. It eliminates the complexity of setting up analysis tools like Manticore and Echidna on large, multi-contract projects. In particular, custom Manticore analysis scripts require less code, are simpler to write, and integrate with Truffle.

solc-select

creator GitHub GitHub Stars PyPI Downloads License

I am the creator of the original version of solc-select: A tool to quickly switch between Solidity compiler versions.

Slither

contributor GitHub GitHub Stars PyPI Downloads License

I am a contributor to Slither, a Solidity static analysis framework. It runs a suite of vulnerability detectors, prints visual information about contract details, and provides an API to easily write custom analyses. Slither enables developers to find vulnerabilities, enhance their code comprehension, and quickly prototype custom analyses.

Ethereum Security Toolbox

creator maintainer GitHub GitHub Stars License Docker Pulls

This is a Docker container I built that is preconfigured and automatically updated with the latest Ethereum security tooling.

Echidna

contributor GitHub GitHub Stars License

I am a contributor to Echidna, a fuzzer/property-based tester of Ethereum smarts contracts. It uses sophisticated grammar-based fuzzing campaigns based on a contract ABI to falsify user-defined predicates or Solidity assertions.

Pinned

  1. lenticrypt lenticrypt Public

    A simple cryptosystem that provides provable plausibly deniable encryption.

    Python 87 10

  2. PDFGitPolyglot PDFGitPolyglot Public

    In which a PDF is a Git Repository Containing its own LaTeX Source and a Copy of Itself

    TeX 31 2

  3. crytic/etheno crytic/etheno Public

    Simplify Ethereum security analysis and testing

    Python 327 32

  4. trailofbits/graphtage trailofbits/graphtage Public

    A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.

    Python 2.3k 48

  5. trailofbits/polytracker trailofbits/polytracker Public

    An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.

    C++ 487 43

  6. trailofbits/polyfile trailofbits/polyfile Public

    A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewer

    Python 318 21

583 contributions in the last year

7 contributions on March 19th.No contributions on March 26th.No contributions on April 2nd.No contributions on April 9th.No contributions on April 16th.No contributions on April 23rd.No contributions on April 30th.No contributions on May 7th.1 contribution on May 14th.1 contribution on May 21st.No contributions on May 28th.2 contributions on June 4th.2 contributions on June 11th.1 contribution on June 18th.No contributions on June 25th.No contributions on July 2nd.1 contribution on July 9th.No contributions on July 16th.No contributions on July 23rd.No contributions on July 30th.No contributions on August 6th.No contributions on August 13th.No contributions on August 20th.No contributions on August 27th.No contributions on September 3rd.7 contributions on September 10th.No contributions on September 17th.No contributions on September 24th.No contributions on October 1st.No contributions on October 8th.2 contributions on October 15th.2 contributions on October 22nd.9 contributions on October 29th.No contributions on November 5th.No contributions on November 12th.No contributions on November 19th.No contributions on November 26th.3 contributions on December 3rd.4 contributions on December 10th.4 contributions on December 17th.No contributions on December 24th.No contributions on December 31st.19 contributions on January 7th.No contributions on January 14th.No contributions on January 21st.1 contribution on January 28th.1 contribution on February 4th.7 contributions on February 11th.No contributions on February 18th.No contributions on February 25th.1 contribution on March 3rd.No contributions on March 10th.No contributions on March 17th.6 contributions on March 20th.No contributions on March 27th.No contributions on April 3rd.No contributions on April 10th.No contributions on April 17th.No contributions on April 24th.8 contributions on May 1st.No contributions on May 8th.No contributions on May 15th.3 contributions on May 22nd.1 contribution on May 29th.No contributions on June 5th.1 contribution on June 12th.No contributions on June 19th.1 contribution on June 26th.No contributions on July 3rd.No contributions on July 10th.2 contributions on July 17th.1 contribution on July 24th.No contributions on July 31st.No contributions on August 7th.No contributions on August 14th.No contributions on August 21st.No contributions on August 28th.No contributions on September 4th.4 contributions on September 11th.No contributions on September 18th.No contributions on September 25th.No contributions on October 2nd.3 contributions on October 9th.3 contributions on October 16th.1 contribution on October 23rd.7 contributions on October 30th.9 contributions on November 6th.8 contributions on November 13th.7 contributions on November 20th.No contributions on November 27th.4 contributions on December 4th.3 contributions on December 11th.2 contributions on December 18th.No contributions on December 25th.No contributions on January 1st.No contributions on January 8th.No contributions on January 15th.No contributions on January 22nd.No contributions on January 29th.6 contributions on February 5th.No contributions on February 12th.No contributions on February 19th.No contributions on February 26th.No contributions on March 4th.No contributions on March 11th.No contributions on March 18th.3 contributions on March 21st.No contributions on March 28th.No contributions on April 4th.No contributions on April 11th.No contributions on April 18th.No contributions on April 25th.5 contributions on May 2nd.No contributions on May 9th.No contributions on May 16th.6 contributions on May 23rd.1 contribution on May 30th.2 contributions on June 6th.4 contributions on June 13th.2 contributions on June 20th.2 contributions on June 27th.No contributions on July 4th.No contributions on July 11th.No contributions on July 18th.No contributions on July 25th.No contributions on August 1st.6 contributions on August 8th.1 contribution on August 15th.No contributions on August 22nd.No contributions on August 29th.1 contribution on September 5th.4 contributions on September 12th.No contributions on September 19th.No contributions on September 26th.No contributions on October 3rd.2 contributions on October 10th.1 contribution on October 17th.5 contributions on October 24th.1 contribution on October 31st.No contributions on November 7th.No contributions on November 14th.2 contributions on November 21st.No contributions on November 28th.4 contributions on December 5th.2 contributions on December 12th.5 contributions on December 19th.No contributions on December 26th.13 contributions on January 2nd.17 contributions on January 9th.No contributions on January 16th.No contributions on January 23rd.No contributions on January 30th.No contributions on February 6th.No contributions on February 13th.No contributions on February 20th.No contributions on February 27th.No contributions on March 5th.No contributions on March 12th.No contributions on March 19th.1 contribution on March 22nd.No contributions on March 29th.No contributions on April 5th.No contributions on April 12th.No contributions on April 19th.No contributions on April 26th.No contributions on May 3rd.2 contributions on May 10th.1 contribution on May 17th.18 contributions on May 24th.2 contributions on May 31st.2 contributions on June 7th.No contributions on June 14th.17 contributions on June 21st.3 contributions on June 28th.No contributions on July 5th.5 contributions on July 12th.No contributions on July 19th.No contributions on July 26th.No contributions on August 2nd.2 contributions on August 9th.No contributions on August 16th.No contributions on August 23rd.No contributions on August 30th.No contributions on September 6th.2 contributions on September 13th.No contributions on September 20th.7 contributions on September 27th.No contributions on October 4th.2 contributions on October 11th.4 contributions on October 18th.8 contributions on October 25th.No contributions on November 1st.1 contribution on November 8th.No contributions on November 15th.No contributions on November 22nd.18 contributions on November 29th.4 contributions on December 6th.8 contributions on December 13th.3 contributions on December 20th.No contributions on December 27th.6 contributions on January 3rd.25 contributions on January 10th.2 contributions on January 17th.4 contributions on January 24th.No contributions on January 31st.No contributions on February 7th.No contributions on February 14th.No contributions on February 21st.No contributions on February 28th.2 contributions on March 6th.No contributions on March 13th.2 contributions on March 23rd.1 contribution on March 30th.No contributions on April 6th.No contributions on April 13th.No contributions on April 20th.No contributions on April 27th.8 contributions on May 4th.No contributions on May 11th.No contributions on May 18th.No contributions on May 25th.4 contributions on June 1st.3 contributions on June 8th.2 contributions on June 15th.1 contribution on June 22nd.1 contribution on June 29th.No contributions on July 6th.No contributions on July 13th.4 contributions on July 20th.No contributions on July 27th.No contributions on August 3rd.1 contribution on August 10th.No contributions on August 17th.No contributions on August 24th.No contributions on August 31st.No contributions on September 7th.5 contributions on September 14th.3 contributions on September 21st.No contributions on September 28th.No contributions on October 5th.5 contributions on October 12th.4 contributions on October 19th.4 contributions on October 26th.No contributions on November 2nd.9 contributions on November 9th.No contributions on November 16th.No contributions on November 23rd.2 contributions on November 30th.3 contributions on December 7th.3 contributions on December 14th.2 contributions on December 21st.No contributions on December 28th.4 contributions on January 4th.9 contributions on January 11th.No contributions on January 18th.1 contribution on January 25th.No contributions on February 1st.No contributions on February 8th.No contributions on February 15th.No contributions on February 22nd.No contributions on February 29th.No contributions on March 7th.No contributions on March 14th.1 contribution on March 24th.No contributions on March 31st.No contributions on April 7th.No contributions on April 14th.No contributions on April 21st.No contributions on April 28th.No contributions on May 5th.No contributions on May 12th.6 contributions on May 19th.1 contribution on May 26th.11 contributions on June 2nd.No contributions on June 9th.1 contribution on June 16th.3 contributions on June 23rd.No contributions on June 30th.1 contribution on July 7th.No contributions on July 14th.1 contribution on July 21st.No contributions on July 28th.No contributions on August 4th.No contributions on August 11th.6 contributions on August 18th.No contributions on August 25th.No contributions on September 1st.No contributions on September 8th.No contributions on September 15th.No contributions on September 22nd.No contributions on September 29th.No contributions on October 6th.5 contributions on October 13th.6 contributions on October 20th.2 contributions on October 27th.No contributions on November 3rd.2 contributions on November 10th.1 contribution on November 17th.5 contributions on November 24th.11 contributions on December 1st.2 contributions on December 8th.2 contributions on December 15th.No contributions on December 22nd.No contributions on December 29th.3 contributions on January 5th.No contributions on January 12th.No contributions on January 19th.1 contribution on January 26th.No contributions on February 2nd.2 contributions on February 9th.No contributions on February 16th.No contributions on February 23rd.No contributions on March 1st.No contributions on March 8th.No contributions on March 15th.1 contribution on March 25th.No contributions on April 1st.No contributions on April 8th.No contributions on April 15th.No contributions on April 22nd.No contributions on April 29th.No contributions on May 6th.No contributions on May 13th.No contributions on May 20th.No contributions on May 27th.No contributions on June 3rd.1 contribution on June 10th.No contributions on June 17th.No contributions on June 24th.No contributions on July 1st.No contributions on July 8th.No contributions on July 15th.No contributions on July 22nd.No contributions on July 29th.No contributions on August 5th.No contributions on August 12th.No contributions on August 19th.No contributions on August 26th.No contributions on September 2nd.No contributions on September 9th.No contributions on September 16th.No contributions on September 23rd.No contributions on September 30th.No contributions on October 7th.13 contributions on October 14th.No contributions on October 21st.1 contribution on October 28th.No contributions on November 4th.No contributions on November 11th.3 contributions on November 18th.No contributions on November 25th.3 contributions on December 2nd.2 contributions on December 9th.5 contributions on December 16th.No contributions on December 23rd.No contributions on December 30th.4 contributions on January 6th.No contributions on January 13th.No contributions on January 20th.No contributions on January 27th.No contributions on February 3rd.No contributions on February 10th.No contributions on February 17th.No contributions on February 24th.No contributions on March 2nd.3 contributions on March 9th.No contributions on March 16th.
Contribution Graph
Day of Week March April May June July August September October November December January February March
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
Less
No contributions.
Low contributions.
Medium-low contributions.
Medium-high contributions.
High contributions.
More

Contribution activity

March 2024

6 contributions in private repositories Mar 3 – Mar 9

Seeing something unexpected? Take a look at the GitHub profile guide.