Javad Zandi Profile Picture
Javad Zandi
Brief biography

     I'm Javad Zandi, also known as repozitor. A software/hardware engineer and a security analyzer of software/hardware. In the 7 last year i did many industrial project and i found that commerical software/hardware need an important security improvement. So i became member of IEEE and ACM to do security research. For more details of what I do and what I can do, check this page.

If you need more detail, download pdf version.

Areas of Interest

Professional Hacker, Information Security, Computer Security, Network Security, Cryptography

Education

2016 - now

M.Eng - Computer Engineering (Computer Architecture)

Thesis: Automatic vulnerability & malware detection for dynamic languages (i.e. PHP)
Tehran, Shahid Beheshti University
GPA: 17.8/20

2011 - 2016

B.Sc. - Computer Engineering

Tehran, Shahid Beheshti University
GPA: 13.6/20 (Major: 17.5/20)
Certificate: [Fa]

2007 - 2011

High School - Mathematics

Tehran, 22 Bahman 57
GPA: 17.8/20
Certificate: [Fa]

2004 - 2007

Middle School

Tehran, Shahid Tabatabaei
GPA: 19.4/20
Certificate: [Fa]

1 Sep 2017

GRE: -/170

Quantitative(-/170), Verbal(-/170), Writing(-/170)

1 Sep 2017

TOEFL: -/120(iBT)

Reading(-/30), Listening(-/30), Speaking(-/30), Writing(-/30)

Publications

2018, Jan

[Paper] Implementation and analysis of a novel low power and portable energy measurement tool for wireless sensor nodes

by Javad Zandi, Mona Ghassemian, Abbas Naderi Afooshteh
Accepted in THE 9th IEEE GCC CONFERENCE & EXHIBITION IEEE-GCC.org
Submitted on 26th Iranian Conference on Electrical Engineering (ICEE) icee2018.sadjad.ac.ir
Click to see!

2016, Aug

[Book] Operating System

by Mohsen Ebrahimi Moghadam, Javad Zandi
Click to see!

2015, Sep

[Paper] LRBAC: Flexible function-level hierarchical role based access control for Linux

by Javad Zandi, Abbas Naderi Afooshteh
Click to see!

Patents

2016, Sep

Safe and secure database storage architecture for medical Network

by Javad Zandi
[Iranian Patent] Patent Number: 139450140003005088
Click to see!

2016, Mar

High accuracy power measurement for wireless devices

by Javad Zandi
[Iranian Patent] Patent Number: 139450140003009944
Click to see!

2015, Feb

Solid-State CD-ROM

by Javad Zandi
[Iranian Patent] Patent Number: 139450140003008758
Click to see!

2014, Dec

High accuracy liquid level detection system for medical intstrument

by Javad Zandi
[Iranian Patent] Patent Number: 139450140003005087
Click to see!

Honors & Awards

2017

Rank 2nd
Certificates: [Fa 1 2 3 4]

2016

Rank 133rd in Computer Engineering among more than 57,000 students in Iranian nationwide master’s degree university entrance examination

Computer Science & Engineering Conquer

2014

Rank 1th Iran's Fifth International Hacking Online Contest cert.sharif.edu

5th Sharif university contest on capture the flag
Certificate: [Fa]

2010

Rank 920th among more than 1,400,000 students in Iranian nationwide B.Sc. degree university entrance examination

Mathematical Conquer

2009

Ranked 1th in design and development field of 10th Kharazmi Young Award

Design Title: Design an smart CNG Capsule for vehicles
Certificates: [Fa 1 2]

2008

Choosen for National Iranian Physics Olympiad

High School Olympiad
Certificate: [Fa]

2008

Ranked 1th in Physics Olympiad

High School Olympiad
Certificate: [Fa]

2007

Ranked 4th in Mathematics Olympiad

High School Olympiad
Certificate: [Fa]

2003

Ranked 1th in Mathematics Olympiad

Middle School Olympiad
Certificate: [Fa]

2002

Ranked 1th in Olom Tajrobi Olympiad

Middle School Olympiad
Certificate: [Fa]

Job / Career

2016 - now

Nou Andishan-e Kherad Afarin

I'm Co-Funder of Nou Andishan-e Kherad Afarin Company. This is an startup company which started from 2016. I am web developer and head of IT/Security department of this company. The brand of this company is Wegobazaar and it's website is wegobazaar.com. We are trying to make a new way of online shopping for iranian people.

2015 - 2016

13th International ISC (Iranian Society of Cryptology) Conference on Information Security and Cryptology (ISCISC)

I was Administrator of iscisc2016.sbu.ac.ir. This is an official web-site for conference which have news, rss, paper handling for reviewers, gallery, ...

2014 - 2017

Imen Sanjesh Azma

I’m Member of engineering team of IT department. This company is in cooperating with Pars Ideal System and both of them have shared project. Most of project of this company was my idea and i done all of them.
Certificates: [Fa 1 2 3 4]

2013 - 2015

Shahid Beheshti IT Department

In this department i was director of security and i did security analysis of Golestan, Dinning, office automation, eLearning, Courseware, e-Mail, VPN and core network (routers and switches). In this time most of vulnerability detected and fixed.

2012 - 2016

Pars Ideal System - IT Security

Many enterprise project have done in this company, binary analysis of Hitachi instrument was an important part of my job. In addition we have develop software project and invent new embedded system for Hitachi medical instrument that registered as patent.
Certificates: [Fa 1 2 3 4]

Courses Lectured

2016

Subscriber identity module security analysis

Ministry of Communication & Information Technology - Security IT
15 Session

2016

Introduction to cryptography and practical side-channel attack

Shahid Beheshti University, Computer Science & Engineering Department
10 Session

2015

Operating system lab

Shahid Beheshti University, Computer Science & Engineering Department
18×4 Session for 4 group

2015

Introduction to Information Security Management System (ISMS)

Shahid Beheshti University, IT Staff Department
20 Session

2015

Introduction to computer security

Shahid Beheshti University - IT Staff Department
20 Session

2015

Introduction to Linux & computer security

Shahid Beheshti University - eLearning Department
20 Session

2014

Operating system lab

Shahid Beheshti University - Electrical Engineering & Computer Science Department
19 Session

Sessions & Workshops

2017

Security-aware programming in PHP

Shahid Beheshti University - Computer Science & Engineering Department
1 Session

2015

Architecture-aware programming in C

Shahid Beheshti University - Computer Science & Engineering Department
2 Session

2015

SSL & TLS vulnerabilities

Shahid Beheshti University - Mathematical Department
1 Session

2015

Practical Xilinx Spartan6 bit-stream hacking

Shahid Beheshti University - Computer Science & Engineering Department
5 Session

2014

Developing safe & secure embedded system for real-time applications

Shahid Beheshti University - Computer Science & Engineering Department
8 Session

2013

Integration Qt with ARM processors!

Shahid Beheshti University - Computer Science & Engineering Department
6 Session

2013

Qt network programming

Shahid Beheshti University - Computer Science & Engineering Department
3 Session

Teaching Assistants

2015 - Spring

Computer & network security [Ms.c & Phd Course]

Prof. Maghsoud Abbaspour

2015 - Fall

Operating system laboratory

Prof. Hadi Tabatabaei

2014 - Fall

Operating systems

Prof. Mohsen Ebrahimi Moghadam

2013 - Spring

Computer networks

Prof. Mona Ghassemian

2013 - Spring

Operating systems

Prof. Mohsen Ebrahimi Moghadam

2013 - Spring

Computer networks

Prof. Mona Ghassemian

2013 - Spring

Machine language & assembly programming

Prof. Ahmad Mahmoudi Aznaveh

2013 - Fall

Computer networks

Prof. Mona Ghassemian

2013 - Fall

Computer architecture

Prof. Farshad Safaei

2011 - Spring

Machine language & assembly programming

Prof. Ahmad Mahmoudi Aznaveh

2011 - Spring

Computer basic programming

Prof. Ahmad Mahmoudi Aznaveh

2011 - Fall

Machine language & assembly programming

Prof. Ahmad Mahmoudi Aznaveh

2011 - Fall

Advanced programming

Prof. Azadeh Mansouri

2011, Fall

Computer basic programming

Prof. Ahmad Mahmoudi Aznaveh

Notable Work

2017

PSM – Physical Security Module for HSM

Project Skills: ARM, C, C++, Java, Network Programming, Xilinx Zynq, FIPS 140-4, Cryptography, PKCS11, Embeded Linux, Embeded FS
PSM provides ultra security against all physical tamper and side channel attack for protecting master key of cryptographic operation. PSM designed in FIPS 140-4 standard.
This Module Connect Directly to FPGA FMC (Zynq Series) slot and communicate over a secured protocol. PSM designed for hardware security module[HSM i.e. safenet) to generate, manage and protect master key of all operation against physical tamper. PSM toke 9-month for developing! Now PSM can be used on HSM, ATM and POS and it is hardened against cryptography side channel attack. PSM Also support many protocols for communication including PKCS #11.

2016

OS Algorithms Simulator

Project Skills: Linux, Qt-Framework, OS scheduling algorithms, OS memory management scheduling, POSIX, C++, Network programming, Multi thread programming
This simulator simulate many important algorithms visually to student for better understanding of cpu and memory algorithms.
I wrote this tool for OS bachelor course to show them how OS manage it’s cpu and memory. This tool written by Qt-framework. Students can manipulate algorithms parameters and watch their effect on utilization/performance of cpu and memory.

2016

Design & implementation of high accurate power measurement tool

Project Skills: ARM, HPC design technique, C, C++, Qt framework, CLI Scripts, Memory Map Design, Linux, HW Design, Test, Computer Architecture, Assembly
This can be used for wireless sensor network power analysis and also for side-channel attack in hardware security
This tool has more capacity than professional oscilloscope, but in same accuracy.

2015

DNI - Deep Netlist Inspection

Project Skills: VHDL, Verilog, Synopsys, DesignVision, CAD Tools, FPGA, Digital logic design, Flex-Bison parser scanner, Qt-framework, Centos, Cadence, Xilinx ISE, ModelSim, Memory management algorithms
This project was developed for Fifth International Hacking Online Contest. DNI can analysis netlist information and export important data about the design, which is help designers to design secure chip. DNI created by Qt-Framework
DNI is the second generation of VHDL2NetList(my own previous project). After the competition, DNI continued to developing.

2015

Design & implementation of solid-state CD-ROM

Project Skills: ARM, HPC design technique, C, C++, IDE & SATA Communication Protocol, Qt framework, CLI Scripts, Memory Map Design, Linux, HW Design, Test, Memory heatmap analysis, Computer Architecture, Assembly, AXI-AMBA Protocol
Solid-State CD-ROM could be used as real CD-ROM, without any extra interface. This project gained a grant from Imen Sanjesh Azma company. I earned 3,000$.

2015

Design & implementation of high accuracy liquid level detection system for medical instrument

Project Skills: SoC Design, ARM, HPC design technique, C, C++, Qt framework, CLI Scripts, Linux, Analog Design, Test
This is an embedded system which help medical instruments, like Hitachi, Technicon, roch, ect. This project gained a grant from Imen Sanjesh Azma & Pars Ideal System Iranian company. I earned 23,000$

2015

Design & implementation of safe & secure database for medical network

Project Skills: SQL, NFS, Linux, Cryptography, Linux(Redhat), Bash Scripts, ARM, C, C++, Meteor, Assembly, MIPS R12K
This is an embedded system which designed for all medical laboratory to share disease’s information for better decision about him/his illness. This project gained a grant from Imen Sanjesh Azma company. I earned 5,000$

2014

HIDM - Hijack Internet Download Manager

Project Skills: Socket Programming, Linux, Tun/Tap Linux driver developing, Qt-framework, Linux, Filesystem management, Linux firewall, C, C++, Flex-Bison parser scanner, HTTP protocol handling, HTTP Authentication
HIDM tool help people to boost their internet speed in public network or public WiFi.
Idea of this tool comes from computer network course. i decide to implement a tool which can take multiple ip from network for multiple virtual interfaces. HIDM split files/weburl into pieces and fetch it’s data from multiple interfaces.

2014

Developing CPU board of Hitachi Automatic Analyzer 917 series

Project Skills: ARM, C, C++, Motorola 68K, Qt framework, Test, Computer Architecture, Assembly, Java
We Improved the CPU board by changing orders of actions in greedy solution in or- der to speed up(35%) analyzer
This project has been done for American Hitachi Reseller named Diamond Diagnostics Corporation

2014

Securing and improving Shahid Beheshti University core network

Project Skills: CISCO iOS, HUAWEI, Cryptography, PHP, Web-App, JavaScript, Vulnerability Scanning, Exploit Design, Linux, Network Programming
In this project many of CISCO routers/switches reconfigured with the same functionality but more security to avoid advanced attack. In addition many servers vulnerability detected and fixed.
This project defined by IT/Network department and done under supervision Dr.Abbaspor(IT president)

2013

Design & implementation of Rocketport's driver

Project Skills: x86 Assembly, PCI-Express Driver, Kernel Development, Kernel Module
In this project we develop a custom driver in order to gain higher performance and new functionality.
This project gained a grant from Pars Ideal System Iranian. I earned 3,500$

2012

JHOSX operating system

Project Skills: x86 Assembly, C, C++, yasm, nasm, gcc, Link script development, LBA and CHS addressing, Filesystem, DDR driver, VGA driver, terminal, calculator, CPU scheduling
In this project we develop a fully custom operating system with multistage bootloader. In the first stage booloader loads the basic program on cpu memory in real-mode and then start the second stage. In the second stage bootloader switch cpu to protected mode and load ddr driver, disk driver, VGA Driver, and then finally load kernel image to memory and pass control system to kernel by jumping to starting address of kernel.
This project was sold 800$.

2011

SecNetLister - Listing network secret data

Project Skills: Qt-framework, Network Packet capturing, Network programming, Net- work parser, C, C++, aircrack-ng, Linux, Bash scripting
SecNetLister help users to capture username and password text in clear-text based lines(including WiFi and Ethernet).
SecNetLister was my first project with Qt framework. Just for fun!

2008

Chemistry software for high school

Project Skills: MultiMedia Builder, Java
This application simulate a chemistry labratory and the students can work with lab tools.
This is the first application i created, when i was in high school. It tooks 1.5 years to complete and distributed to more than 100 school in Tehran.

Last Update on: Thu Jan 25 12:48:56 +03:30 2018

Skills

C
C++
Java
Python
Perl
C#
Assembly (Intel syntax)
Assembly (AT&T syntax)
MIPS & ARM (assembly)
Ruby
PHP
HTML
Javascript
jQuery
CSS
LaTeX
Mathematica
MATLAB
Objective-C
TCL
nesC
CUDA
OpenCL
OpenGL
Delphi
Basic
Pascal
Ada
SystemC
VHDL
Verilog
SystemVerilog
HSPICE