Javad Zandi Profile Picture
Javad Zandi
Brief biography

    I'm Javad Zandi, also known as repozitor. A software/hardware engineer and a security analyzer of software/hardware. In the last 7 years, I did many industrial projects and I found that commercial software/hardware needs an important security improvement. So I became a member of IEEE and ACM to do security research. For more details of what I do and what I can do, check this page.

If you need more detail, download the PDF version.

Areas of Interest

Information Security, Operating System, Binary Analysis, Computer Architecture, Professional Hacking, Software Engineering

Education

2015 - 2018

M.Eng - Computer Engineering (Computer Architecture)

Thesis: Automatic vulnerability & malware detection for dynamic languages (i.e. PHP)
Tehran, Shahid Beheshti University
Thesis grade: 19.25/20

2010 - 2015

B.Eng - Computer Engineering

Tehran, Shahid Beheshti University
Thesis grade: 19.5/20
Certificate: [Fa]

Publications

Dec, 2020

[Paper] Automatic exploit generation for dynamic language applications

Under Review!

May, 2019

[Paper] Noise robust text independent speaker identification using adaptive for- mant estimation and MFCC in persian language

Javad Zandi, Mehdi Bekrani, Maryam Hatami
27th Iranian Conference on Electrical Engineering (ICEE)

Jun, 2019

[Book] Theory of fun in game design - translated to persian

Javad Zandi, Maryam Hatami, Dorsa Samiei, Sogol Alipor
Publisher: Olom o Fonon Razi

Dec, 2018

[Book] Introduction to web vulnerability and malwares

Javad Zandi
Publisher: Olom o Fonon Razi

May, 2018

[Paper] Implementation and analysis of a novel low power and portable energy measurement tool for wireless sensor nodes

Javad Zandi, Abbas Naderi Afooshteh, Mona Ghassemian
26th IEEE Iranian Conference on Electrical Engineering (ICEE)
Click to see!

Sep, 2015

[Paper] LRBAC: Flexible function-level hierarchical role based access control for Linux

Javad Zandi, Abbas Naderi Afooshteh
12th IEEE International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC)
Click to see!

Patents
Safe and secure database storage architecture for medical Network

by Javad Zandi
Iranian Patent Number: 139450140003005088
Click to see!

Solid-State CD-ROM

by Javad Zandi
Iranian Patent Number: 139450140003008758
Click to see!

High accuracy liquid level detection system for medical intstrument

by Javad Zandi
Iranian Patent Number: 139450140003005087
Click to see!

Honors & Awards

2020

Rank 2nd, Awarded by President of Iran
Certificate: Click to see!

2018

Top 3 R&D talented student in Iran by Iran's National Elites Foundation

Awarded by Vice President for Science and Technology
Certificate

2017

Shahid Beheshti University top student in 2017

Prize: 1200$
University News[Fa] Picture: 1, 2

2016

Rank 2nd
Certificates: [Fa 1 2 3 4]

2016

Rank 133rd in Computer Engineering among more than 57,000 students in Iranian nationwide master’s degree university entrance examination

Computer Science & Engineering Conquer

2014

Rank 1st Iran's 5th International Hacking Online Contest cert.sharif.edu

5th Sharif university contest on capture the flag
Certificate: [Fa]

2010

Rank 930th among more than 600,000 students in Iranian nationwide bachelor degree university entrance examination

Mathematical Conquer

2009

Ranked 1st in design and development field of 10th Kharazmi Young Award

Design Title: Design an smart CNG Capsule for vehicles
Certificates: [Fa 1 2]

2008

Choosen for National Iranian Physics Olympiad

High School Olympiad
Certificate: [Fa]

2008

Ranked 1st in Physics Olympiad

High School Olympiad
Certificate: [Fa]

2007

Ranked 4th in Mathematics Olympiad

High School Olympiad
Certificate: [Fa]

2003

Ranked 1st in Mathematics Olympiad

Middle School Olympiad
Certificate: [Fa]

2002

Ranked 1st in Olom Tajrobi Olympiad

Middle School Olympiad
Certificate: [Fa]

Job / Career

2019 - 2020

Payame-Noor University

I am a contract teacher (temporary teacher) at Payam-e-Noor University (Rey City Branch). In the fall and spring, my courses were operating system, principles of algorithms, and computer security.

2016 - 2019

Parsa Sharif Research Institute

I was research scientist under supervision of Professor Ali Jahanian.

2013 - 2015

Shahid Beheshti IT Department

I had done most security analysis of university network for the IT department.

2012 - 2016

Pars Ideal System - IT Security

I was the director of IT & Software engineering department in this company.

Courses Lectured

2016

Subscriber identity module security analysis

Ministry of Communication & Information Technology - Security IT
15 Session

2016

Introduction to cryptography and practical side-channel attack

Shahid Beheshti University, Computer Science & Engineering Department
10 Session

2015

Operating system lab

Shahid Beheshti University, Computer Science & Engineering Department
18×4 Session for 4 group

2015

Introduction to Information Security Management System (ISMS)

Shahid Beheshti University, IT Staff Department
20 Session

2015

Introduction to computer security

Shahid Beheshti University - IT Staff Department
20 Session

2015

Introduction to Linux & computer security

Shahid Beheshti University - eLearning Department
20 Session

2014

Operating system lab

Shahid Beheshti University - Electrical Engineering & Computer Science Department
19 Session

Sessions & Workshops

2017

Security-aware programming in PHP

Shahid Beheshti University - Computer Science & Engineering Department
1 Session

2015

Architecture-aware programming in C

Shahid Beheshti University - Computer Science & Engineering Department
2 Session

2015

SSL & TLS vulnerabilities

Shahid Beheshti University - Mathematical Department
1 Session

2015

Practical Xilinx Spartan6 bit-stream hacking

Shahid Beheshti University - Computer Science & Engineering Department
5 Session

2014

Developing safe & secure embedded system for real-time applications

Shahid Beheshti University - Computer Science & Engineering Department
8 Session

2013

Integration Qt with ARM processors!

Shahid Beheshti University - Computer Science & Engineering Department
6 Session

2013

Qt network programming

Shahid Beheshti University - Computer Science & Engineering Department
3 Session

Teaching Assistants

Spring - 2015

Computer & network security [Ms.c & Phd Course]

Prof. Maghsoud Abbaspour

Fall - 2015

Operating system laboratory

Prof. Hadi Tabatabaei

Fall - 2014

Operating systems

Prof. Mohsen Ebrahimi Moghadam

Spring - 2013

Computer networks

Prof. Mona Ghassemian

Spring - 2013

Operating systems

Prof. Mohsen Ebrahimi Moghadam

Spring - 2013

Computer networks

Prof. Mona Ghassemian

Spring - 2013

Machine language & assembly programming

Prof. Ahmad Mahmoudi Aznaveh

Fall - 2013

Computer networks

Prof. Mona Ghassemian

Fall - 2013

Computer architecture

Prof. Farshad Safaei

Spring - 2011

Machine language & assembly programming

Prof. Ahmad Mahmoudi Aznaveh

Spring - 2011

Computer basic programming

Prof. Ahmad Mahmoudi Aznaveh

Fall - 2011

Machine language & assembly programming

Prof. Ahmad Mahmoudi Aznaveh

Fall - 2011

Advanced programming

Prof. Azadeh Mansouri

Fall - 2011

Computer basic programming

Prof. Ahmad Mahmoudi Aznaveh

Notable Work

2019

SmartAEG: Smart automatic exploit generation for dynamic type languages

Project Skills: PHP, Machine learning, Formal verification, CDFG analysis, Javascript, Z3, Software emulating
This is my M.Eng thesis project started in 2017, which is my biggest research. This tool was implemented to find out PHP application exploits. After emulating and searching for sink destinations, CPG will be used to generate attack vectors.

2017

PSM – Physical Security Module for HSM

Project Skills: ARM, C, C++, Java, Network Programming, Xilinx Zynq, FIPS 140-2, Cryptography, PKCS11, Embeded Linux, Embeded FS
PSM provides ultra-security against all physical tamper and side-channel attacks for protecting the master key of cryptographic operations. PSM designed in FIPS 140-2 level-3 standard.

2016

OS Algorithms Simulator

Project Skills: Linux, Qt-Framework, OS scheduling algorithms, OS memory manage- ment scheduling, POSIX, C++, Network programming, Multi-thread programming
This simulator simulates many important algorithms visually for students to a better understanding of differ- ent CPU and memory algorithms.

2016

Design & implementation of high accurate power measurement tool

Project Skills: ARM, HPC design technique, C, C++, Qt framework, CLI Scripts, Mem- ory Map Design, Linux, HW Design, Test, Computer Architecture, Assembly
PMWSN Paper tool

2015

DNI - Deep Netlist Inspection

Project Skills: VHDL, Verilog, Synopsys, DesignVision, CAD Tools, FPGA, Digital logic design, Flex-Bison parser scanner, Qt-framework, Centos, Cadence, Xilinx ISE, ModelSim, Memory management algorithms
DNI is the second generation of VHDL2NetList(my previous project). It is used for 5th Sharif CTF.

2015

Design & implementation of solid-state CD-ROM

Project Skills: ARM, HPC design technique, C, C++, IDE & SATA Communication Protocol, Qt framework, CLI Scripts, Memory Map Design, Linux, HW Design, Test, Memory heatmap analysis, Computer Architecture, Assembly, AXI-AMBA Protocol
Solid-State CD-ROM could be used as real CD-ROM, without any extra interface. I earned 30,000$.

2015

Design & implementation of high accuracy liquid level detection system for medical instrument

Project Skills: SoC Design, ARM, HPC design technique, C, C++, CLI Scripts, Linux, Analog Design, Test
New novel methodology for level detection in medical instruments, like Hitachi. I earned 23,000$

2015

Design & implementation of safe & secure database for medical network

Project Skills: SQL, NFS, Linux, Cryptography, Linux(Redhat), Bash Scripts, ARM, C, C++, Meteor, Assembly, MIPS R12K
This is an embedded system designed for all medical laboratories to share disease’s information for a better decision about him/his illness. I earned 5,000$

2014

HIDM - Hijack Internet Download Manager

Project Skills: Socket Programming, Linux, Tun/Tap Linux driver developing, Qt-framework, Linux, Filesystem management, Linux firewall, C, C++, Flex-Bison parser scanner, HTTP protocol handling, HTTP Authentication
HIDM tool helps people to boost their internet speed in the public network or public WiFi. Just for Fun!

2014

Developing CPU board of Hitachi Automatic Analyzer 917 series

Project Skills: ARM, C, C++, Motorola 68K, Qt framework, Test, Computer Architec- ture, Assembly, Java
This project has been done for American Hitachi Reseller: Diamond Diagnostics Corporation.

2014

Securing and improving Shahid Beheshti University core network

Project Skills: CISCO iOS, HUAWEI, Cryptography, PHP, Web-App, JavaScript, Vul- nerability Scanning, Exploit Design, Linux, Network Programming
This project defined by the IT/Network department under the supervision of Dr. Abbaspor (IT president).

2013

Design & implementation of Rocketport's driver

Project Skills: x86 Assembly, PCI-Express Driver, Kernel Development, Kernel Module
In this project, we develop a custom driver in order to gain higher performance and new functionality. I earned 3,500$

2012

JHOSX operating system

Project Skills: x86 Assembly, C, C++, yasm, nasm, gcc, Link script development, LBA and CHS addressing, Filesystem, DDR driver, VGA driver, terminal, calculator, CPU scheduling

2011

SecNetLister - Listing network secret data

Project Skills: Qt-framework, Network Packet capturing, Network programming, Net- work parser, C, C++, aircrack-ng, Linux, Bash scripting
SecNetLister help users to capture the username and password text in clear-text based lines(including WiFi and Ethernet). Just for fun!

2008

Chemistry software for high school

Project Skills: MultiMedia Builder, Java
This application simulates a chemistry laboratory and the students can work with lab tools.

Last Update on: Jan 25 16:58:03 +03:30 2020

Skills

C
C++
Java
Python
Perl
C#
Assembly (Intel syntax)
Assembly (AT&T syntax)
MIPS & ARM (assembly)
Ruby
PHP
HTML
Javascript
jQuery
CSS
LaTeX
Mathematica
MATLAB
Objective-C
TCL
nesC
CUDA
OpenCL
OpenGL
Delphi
Basic
Pascal
Ada
SystemC
VHDL
Verilog
SystemVerilog
HSPICE