shugg.dev

experience

I'm a computer scientist with a passion for invention and security. I graduated from Virginia Tech in 2021 with a B.S. in computer science and a minor in cyber security. A year later, I graduated with a M.S. (also in computer science), focusing on computer systems and security, with an emphasis on fuzzing.

I enjoy software development, exploring software security, and creating things in my free time. Check out the blog posts I've written about some of my endeavors here.

Career

Microsoft - Security Verification Engineer

I'm an engineer at Microsoft. I've been doing exciting security work involving speculative-execution side-channel attacks (remember Spectre and Meltdown?) and other architectural attacks. I've also been working on the Microsoft Pluton Security processor and the Microsoft Cobalt processor. Recently I had the chance to co-author a patent and successfully submit it to the US Patent Office. Additionally, given Microsoft's position in the AI frenzy, I have been taking advantage of chances to enable the use of LLMs in my organization's day-to-day engineering workflows. It's been a fantastic experience so far.

Virginia Tech Computer Science - Teaching Assistant

I also worked as a Teaching Assistant with the Virginia Tech Computer Science department for five semesters. I spent four of those five semester working on CS 3214 - Computer Systems, both as an undergraduate and graduate TA. This class is notorious for its challenging assignments and comprehensive C-based software development, but I absolutely loved it.

I got the chance to assist hundreds of students with complex systems programming projects involving Linux processes, multithreading, memory management, virtualization, security, and networking, all with a heavy emphasis on writing robust and high-performing code.

Research

During my M.S. degree at Virginia Tech (2020-2022), I created Gurthang, a fuzzing framework designed specifically for fuzz-testing web servers. I created a novel fuzzing harness for AFL++ capable of sending multiple payloads to a web server simultaneously, allowing for effective testing for concurrency-related bugs induced when servers handle multiple requests at once. Read more about it here!

Skills

projects

Creating things - especially things I dreamed up myself - is incredibly rewarding and one of my greatest passions in life. Mix that with a couple of computer science degrees and you wind up with lots of coding projects. Here are a few notable mentions of things I've created (or are still creating):

• ttydo, a command-line task tracker.
• DImROD, my custom-built smart-home driver and personal server.
• personal command-line utilities and dotfiles, to help me with command-line hackery.
• custom QMK firmware, for a mechanical keyboard I built.
• snowbudget, a budgeting assistant I wrote for my personal finances.
• snowbroker, my attempt at writing an automated stock trading system.
• dwarrowdelf, a theme for Vim I created.
• wrivcam, my homemade Raspberry Pi dash cam.

I also worked on some pretty neat projects in school. Here are some of my favorites:

• gurthang, my M.S. thesis project
• HTTP/1.1-compliant Web Server, featuring multithreading and response caching (C)
• Memory Allocator & Manager (C) (like LibC's malloc interface)
• Threadpool (C)
• Extensible Linux Shell (C)
• P2P secure & scalable messaging protocol (Rust) (senior capstone)
• Simple one-time pad encryption networking protocol (Java)
• Simplified MIPS32 assembler (C)
• Rust implementation of the Linux kernel's ramfs

Other stuff I've built into this website:

• A finance calculator
• RELF, my zero-player cellular automata game

tidbits

The Marching Virginians

While at Virginia Tech, I played trumpet in the Marching Virginians for five years. Joining that band was one of the best decisions I have ever made. If you happen to be reading this as a Tech student and are on the fence about auditioning, let me help you: do it.

A Few Quotes

Fictional and nonfictional people alike have some great things to say. Here are some I like (more to come!):

• "All that is gold does not glitter, not all those who wander are lost; the old that is strong does not wither, deep roots are not reached by the frost." - J.R.R. Tolkien
• "What good is power when you're too wise to use it?" - Ursula K. Le Guin
• "All we have to decide is what to do with the time that is given to us." - Gandalf the Grey
• "Yet the making of things is in my heart from my own making by thee; and the child of little understanding that makes a play of the deeds of his father may do so without thought of mockery, but because he is the son of his father." - Aulë the Vala
• "It's a dangerous business, Frodo, going out your door. You step onto the road, and if you don't keep your feet, there's no knowing where you might be swept off to." - Bilbo Baggins
• "Sometimes I compare the Java language to a tricycle, with training wheels. And then C would be like riding a Harley. Without a helmet. On I-85. On a Friday night. It's all good and fun if you know what you're doing, but if you don't you can get in all kinds of trouble." - William McQuain
• "We can't help everyone, but everyone can help someone." - Ronald Reagan
• "How hard can it be?" - Jeremy Clarkson

Books

Books are amazing. Here are some I really enjoy.

• The Lord of the Rings (trilogy) - J.R.R. Tolkien
• The Silmarillion - J.R.R. Tolkien
• The Hobbit - J.R.R. Tolkien
• The Earthsea Cycle (series) - Ursula K. Le Guin
• Mageborn (series) - Michael G. Manning
• The Misenchanted Sword - Lawrence Watt-Evans
• The Art of Racing in the Rain - Garth Stein
• The Belgariad (series) - David Eddings
• The Riftwar Saga (series) - Raymond E. Fiest