2023-10-24 05:23:25 +07:00
|
|
|
module Route.Index exposing (ActionData, Data, Model, Msg, route)
|
|
|
|
|
|
|
|
|
|
import BackendTask exposing (BackendTask)
|
|
|
|
|
import FatalError exposing (FatalError)
|
|
|
|
|
import Head
|
|
|
|
|
import Head.Seo as Seo
|
2023-11-05 22:06:54 +07:00
|
|
|
import Html.Styled exposing (..)
|
2024-01-29 23:35:05 +07:00
|
|
|
import Html.Styled.Attributes exposing (style, target, src)
|
2023-10-24 05:23:25 +07:00
|
|
|
import Link exposing (Link)
|
|
|
|
|
import Pages.Url
|
|
|
|
|
import PagesMsg exposing (PagesMsg)
|
|
|
|
|
import UrlPath
|
|
|
|
|
import Route
|
|
|
|
|
import RouteBuilder exposing (App, StatelessRoute)
|
|
|
|
|
import Shared
|
|
|
|
|
import View exposing (View)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type alias Model =
|
|
|
|
|
{}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type alias Msg =
|
|
|
|
|
()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type alias RouteParams =
|
|
|
|
|
{}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type alias Data =
|
|
|
|
|
{ message : String
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
type alias ActionData =
|
|
|
|
|
{}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
route : StatelessRoute RouteParams Data ActionData
|
|
|
|
|
route =
|
|
|
|
|
RouteBuilder.single
|
|
|
|
|
{ head = head
|
|
|
|
|
, data = data
|
|
|
|
|
}
|
|
|
|
|
|> RouteBuilder.buildNoState { view = view }
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
data : BackendTask FatalError Data
|
|
|
|
|
data =
|
|
|
|
|
BackendTask.succeed Data
|
|
|
|
|
|> BackendTask.andMap
|
|
|
|
|
(BackendTask.succeed "Hello!")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
head :
|
|
|
|
|
App Data ActionData RouteParams
|
|
|
|
|
-> List Head.Tag
|
|
|
|
|
head app =
|
|
|
|
|
Seo.summary
|
|
|
|
|
{ canonicalUrlOverride = Nothing
|
2023-11-05 22:06:54 +07:00
|
|
|
, siteName = "nganhkhoa.com"
|
2023-10-24 05:23:25 +07:00
|
|
|
, image =
|
2023-11-05 22:06:54 +07:00
|
|
|
{ url = "https://nganhkhoa.com/nganhkhoa.png" |> Pages.Url.external
|
|
|
|
|
, alt = "nganhkhoa"
|
2023-10-24 05:23:25 +07:00
|
|
|
, dimensions = Nothing
|
|
|
|
|
, mimeType = Nothing
|
|
|
|
|
}
|
2023-11-05 22:06:54 +07:00
|
|
|
, description = "Personal blog of nganhkhoa"
|
2023-10-24 05:23:25 +07:00
|
|
|
, locale = Nothing
|
2023-11-05 22:06:54 +07:00
|
|
|
, title = "Anh Khoa Nguyen"
|
2023-10-24 05:23:25 +07:00
|
|
|
}
|
|
|
|
|
|> Seo.website
|
|
|
|
|
|
|
|
|
|
|
2023-11-05 22:06:54 +07:00
|
|
|
withSpacing : (List (Html msg) -> Html msg) -> List (Html msg) -> Html msg
|
|
|
|
|
withSpacing element =
|
|
|
|
|
List.intersperse (text " ") >> element
|
|
|
|
|
|
2023-10-24 05:23:25 +07:00
|
|
|
view :
|
|
|
|
|
App Data ActionData RouteParams
|
|
|
|
|
-> Shared.Model
|
|
|
|
|
-> View (PagesMsg Msg)
|
|
|
|
|
view app shared =
|
2023-11-06 00:20:32 +07:00
|
|
|
{ title = "nganhkhoa"
|
2023-10-24 05:23:25 +07:00
|
|
|
, body =
|
2024-01-29 23:35:05 +07:00
|
|
|
[ div [ style "display" "flex", style "column-gap" "10px" ]
|
|
|
|
|
[ quicklinks "github" "Github"
|
|
|
|
|
, quicklinks "git" "Personal Git"
|
|
|
|
|
, quicklinks "blog" "Blog Posts"
|
|
|
|
|
, quicklinks "osx" "OSX series"
|
|
|
|
|
, quicklinks "efiens" "Efiens Blogs"
|
|
|
|
|
]
|
|
|
|
|
, br [] []
|
|
|
|
|
, img [src "/nganhkhoa.png"] []
|
2023-11-05 22:06:54 +07:00
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "Welcome to my personal website, where I post random things and thoughts."
|
|
|
|
|
]
|
|
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "I'm a Security Engineer at"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "bshield" "BShield"
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "and"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "verichains" "Verichains"
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "Before that, I was a member of Efiens under the name"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "efiens" "luibo."
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "My specialty are in computer security: memory forensics, binary analysis, program analysis, and compiler."
|
|
|
|
|
, text "My interest in computer systems are programming languages."
|
|
|
|
|
, text "I am finding for opportunities in type theory, operational semantic, and formal methods."
|
|
|
|
|
]
|
|
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "My Github is"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "github" "nganhkhoa."
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "But I also maintain my personal git at"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "git" "git.nganhkhoa.com."
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, text "You can find out more about me in my "
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "cv" "CV."
|
2023-11-05 22:06:54 +07:00
|
|
|
, br [] []
|
2023-12-17 04:04:06 +07:00
|
|
|
, text "I often write blogs, most of them are based on my research knowledge. "
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "You can find my blogs "
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "blog" "here."
|
2023-11-05 22:06:54 +07:00
|
|
|
, br [] []
|
2024-01-29 23:35:05 +07:00
|
|
|
, text "I also wrote a series about Mach-O binary format. You can find it "
|
|
|
|
|
, quicklinks "osx" "here."
|
2023-11-05 22:06:54 +07:00
|
|
|
, br [] []
|
|
|
|
|
, text "I am a Vietnamese polyglot, fluent in English, conversational in Japanese, beginners in Mandarin and Korean."
|
|
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "\"I use (neo)Vim and Arch, btw\" - probably me."
|
|
|
|
|
, text "This site is written using"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "elm" "elm-pages."
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, projects
|
|
|
|
|
, br [] []
|
|
|
|
|
, publications
|
2023-10-24 05:23:25 +07:00
|
|
|
]
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-05 22:06:54 +07:00
|
|
|
projects : Html msg
|
|
|
|
|
projects =
|
|
|
|
|
div []
|
|
|
|
|
[ h1 [] [text "My Projects"]
|
|
|
|
|
, div []
|
2023-12-14 22:57:51 +07:00
|
|
|
[ h2 [] [text "(2023) TSShock"]
|
2023-11-05 22:06:54 +07:00
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "At Verichains, our team discovered multiple weaknesses in most implementations of Threshold ECDSA Signature Scheme following the works of"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "gg" "Gennaro and Goldfeder."
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "As the result, we presented our findings at "
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "tsshockblackhat" "Black Hat USA 2023"
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "and"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "tsshockhitb" "Hack In The Box Phuket 2023"
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "titled \"TSSHOCK: Breaking MPC Wallets and Digital Custodians for $BILLION$ Profit\"."
|
|
|
|
|
]
|
|
|
|
|
]
|
|
|
|
|
, div []
|
2023-12-14 22:57:51 +07:00
|
|
|
[ h2 [] [text "(2023) Audited Vietnam Citizen Card"]
|
2023-11-05 22:06:54 +07:00
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "Performed auditing of the protocol and the chip-based Citizen Card of Vietnam."
|
|
|
|
|
, text "Simulation of NFC protocols conforming to ICAO 9303."
|
|
|
|
|
, text "Found several vulnerabilities in applications verifying the authenticity of these cards."
|
|
|
|
|
, text "Government applications and devices are also audited."
|
|
|
|
|
, text "The foundation research for the development of"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "bshield" "BShield Secure-ID."
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
]
|
|
|
|
|
, div []
|
2023-12-14 22:57:51 +07:00
|
|
|
[ h2 [] [text "(2019 - 2023) Mach-O binary format analysis and obfuscation"]
|
2023-11-05 22:06:54 +07:00
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "Research into Mach-O binary format, which is used in Apple devices."
|
|
|
|
|
, text "Proposed obfuscation for the Mach-O binary."
|
|
|
|
|
, text "Familiar with tools for pentesting iOS applications."
|
|
|
|
|
]
|
|
|
|
|
]
|
|
|
|
|
, div []
|
2023-12-14 22:57:51 +07:00
|
|
|
[ h2 [] [text "(2021-2022) LLVM based Obfuscation"]
|
2023-11-05 22:06:54 +07:00
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "Build a LLVM based obfuscation compiler."
|
|
|
|
|
, text "Extend"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "ollvm" "Obfuscator-LLVM"
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "with"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "mba" "Mixed Boolean-Arithmetic"
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "as well as many other obfuscation passes."
|
|
|
|
|
, text "Fully updated to LLVM 14 with support for both new and legacy pass manager."
|
|
|
|
|
, text "A CTF challenge is released obfuscated using our obfuscator in"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "tetctf2022" "TetCTF 2022"
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
]
|
|
|
|
|
, div []
|
2023-12-14 22:57:51 +07:00
|
|
|
[ h2 [] [text "(2019-2023) Windows Live Memory Forensics"]
|
2023-11-05 22:06:54 +07:00
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "Research into Windows Forensics."
|
|
|
|
|
, text "Learned techniques used in Memory Forensics and familiar with tools like Volatility."
|
|
|
|
|
, text "Develope a new method for Live Forensics using Memory Forensics without Memory Extraction."
|
|
|
|
|
, text "A prototype is implemented, capable of inspecting the kernel global variables, structures,"
|
|
|
|
|
, text "and performing"
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "poolscan" "Pool Tag Quick Scanning."
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "This prototype is updated in 2023 to also detect injected code in processes for detection of"
|
|
|
|
|
, text "DLL Injection, Reflective DLL Injection, Process Hollowing, and similar malware techniques."
|
|
|
|
|
]
|
|
|
|
|
]
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
publications : Html msg
|
|
|
|
|
publications =
|
|
|
|
|
div []
|
|
|
|
|
[ h1 [] [text "Publications"]
|
|
|
|
|
, text "Most of my publications are drafts and not reviewed paper."
|
|
|
|
|
, text " "
|
|
|
|
|
, text "Because I am not in an academic environment so I do not know how to publish."
|
|
|
|
|
, br [] []
|
|
|
|
|
, br [] []
|
|
|
|
|
, withSpacing (div [])
|
|
|
|
|
[ text "New Key Extraction Attackson Threshold ECDSA Implementations."
|
|
|
|
|
, text "Duy Hieu Nguyen, Anh Khoa Nguyen, Huu Giap Nguyen, Thanh Nguyen, Anh Quynh Nguyen."
|
|
|
|
|
, text "August 2023."
|
|
|
|
|
, br [] []
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "tsshockwebsite" "[website]"
|
|
|
|
|
, quicklinks "tsshockwhitepaper" "[whitepaper]"
|
|
|
|
|
, quicklinks "tsshockvideohitb" "[HITB Recordings]"
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, br [] []
|
|
|
|
|
, withSpacing (div [])
|
2023-12-14 22:57:51 +07:00
|
|
|
[ text "Obfuscate API calls in Mach-O Binary."
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "Anh Khoa Nguyen."
|
|
|
|
|
, text "Expecting 2024."
|
|
|
|
|
, br [] []
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "macho" "[preprint]"
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, br [] []
|
|
|
|
|
, withSpacing (div [])
|
2023-12-14 22:57:51 +07:00
|
|
|
[ text "Live Memory Forensics Without RAM Extraction."
|
2023-11-05 22:06:54 +07:00
|
|
|
, text "Anh Khoa Nguyen, Dung Vo Van Tien."
|
|
|
|
|
, text "Expecting 2024."
|
|
|
|
|
, br [] []
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "live-memory-forensics" "[preprint]"
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, br [] []
|
|
|
|
|
, h2 [] [text "Dissertations"]
|
|
|
|
|
, withSpacing (p [])
|
|
|
|
|
[ text "After I graduated, I often advise undergraduate students on their dissertations."
|
|
|
|
|
, text "The list below contains my dissertation and dissertations I advised."
|
|
|
|
|
]
|
|
|
|
|
, withSpacing (div [])
|
|
|
|
|
[ text "Windows Memory Forensics: Finding hidden processes in a running machine."
|
|
|
|
|
, br [] []
|
|
|
|
|
, text "Author: Anh Khoa Nguyen."
|
|
|
|
|
, br [] []
|
|
|
|
|
, text "Advisors: An Khuong Nguyen, Le Thanh Nguyen, Quoc Bao Nguyen."
|
|
|
|
|
, br [] []
|
|
|
|
|
, text "Year: 2020"
|
|
|
|
|
, br [] []
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "memorypoolscan" "[pdf]"
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
, br [] []
|
|
|
|
|
, withSpacing (div [])
|
|
|
|
|
[ text "Windows Memory Forensics: Detecting hidden injected code in a process."
|
|
|
|
|
, br [] []
|
|
|
|
|
, text "Author: Vo Van Tien Dung."
|
|
|
|
|
, br [] []
|
|
|
|
|
, text "Advisors: An Khuong Nguyen, Anh Khoa Nguyen."
|
|
|
|
|
, br [] []
|
|
|
|
|
, text "Year: 2023"
|
|
|
|
|
, br [] []
|
2024-01-29 23:35:05 +07:00
|
|
|
, quicklinks "memoryinjection" "[pdf]"
|
2023-11-05 22:06:54 +07:00
|
|
|
]
|
|
|
|
|
]
|
2024-01-29 23:35:05 +07:00
|
|
|
|
|
|
|
|
quicklinks link title =
|
|
|
|
|
let
|
|
|
|
|
linkexternal src = Link.link (Link.external src) [target "_blank"] [text title]
|
|
|
|
|
linkinternal src = case src of
|
|
|
|
|
"blog" -> Link.link (Link.internal (Route.Blog__Slug_ { slug = "" })) [] [ text title ]
|
|
|
|
|
"osx" -> Link.link (Link.internal (Route.Osx__Slug_ { slug = "" })) [] [ text title ]
|
|
|
|
|
_ -> Link.link (Link.external "") [] [text title]
|
|
|
|
|
in
|
|
|
|
|
case link of
|
|
|
|
|
"github" -> linkexternal "https://github.com/nganhkhoa"
|
|
|
|
|
"git" -> linkexternal "https://git.nganhkhoa.com"
|
|
|
|
|
"efiens" -> linkexternal "https://blog.efiens.com/author/luibo"
|
|
|
|
|
"bshield" -> linkexternal "https://bshield.io"
|
|
|
|
|
"verichains" -> linkexternal "https://verichains.io"
|
|
|
|
|
"elm" -> linkexternal "https://elm-pages.com"
|
|
|
|
|
-- tsshock
|
|
|
|
|
"gg" -> linkexternal "https://eprint.iacr.org/2019/114"
|
|
|
|
|
"tsshockblackhat" -> linkexternal "https://www.blackhat.com/us-23/briefings/schedule/#tsshock-breaking-mpc-wallets-and-digital-custodians-for-billion-profit-33343"
|
|
|
|
|
"tsshockhitb" -> linkexternal "https://conference.hitb.org/hitbsecconf2023hkt/session/tsshock-breaking-mpc-wallets-and-digital-custodians/"
|
|
|
|
|
"tsshockwebsite" -> linkexternal "https://verichains.io/tsshock"
|
|
|
|
|
"tsshockwhitepaper" -> linkexternal "https://www.verichains.io/tsshock/verichains-tsshock-wp-v1.0.pdf"
|
|
|
|
|
"tsshockvideohitb" -> linkexternal "https://youtu.be/1ks2jcS7UE4"
|
|
|
|
|
-- ollvm
|
|
|
|
|
"ollvm" -> linkexternal "https://doi.org/10.1109/SPRO.2015.10"
|
|
|
|
|
"mba" -> linkexternal "https://doi.org/10.1007/978-3-540-77535-5_5"
|
|
|
|
|
"tetctf2023" -> linkexternal "https://twitter.com/hgarrereyn/status/1477919411977830402"
|
|
|
|
|
-- memory forensics
|
|
|
|
|
"poolscan" -> linkexternal "https://doi.org/10.1016/j.diin.2016.01.005"
|
|
|
|
|
-- site resources
|
|
|
|
|
"cv" -> linkexternal "cv.pdf"
|
|
|
|
|
"blog" -> linkinternal "blog"
|
|
|
|
|
"osx" -> linkinternal "osx"
|
|
|
|
|
-- pdfs
|
|
|
|
|
"memorypoolscan" -> linkexternal "https://drive.google.com/file/d/1Z_cKtBsi_gm8ugsrnAEPo-Wmx9GAuaSK/view?usp=sharing"
|
|
|
|
|
"memoryinjection" -> linkexternal "https://drive.google.com/file/d/1X18tr4OvcNYRoyxzTcsxM_MgjcqVW1sk/view?usp=sharing"
|
|
|
|
|
"macho" -> linkexternal "macho-obfuscation.pdf"
|
|
|
|
|
"live-memory-forensics" -> linkexternal "live-memory-forensics.pdf"
|
|
|
|
|
_ -> linkexternal ""
|
|
|
|
|
|
