Selected
Projects

At Volexity, I researched ways to streamline extraction of Windows kernels from system updates. These kernels are used to build system profiles for Volexity's memory forensics core product.

 

By exploring kernel deltas in WinSxS, I discovered a faster alternative using MSDelta and specific CAB components. This approach outperformed the existing process, which used DISM and full-sized CABs. To confirm this, I conducted 6,000+ trials comparing both approaches using a scripting framework I implemented from scratch in Python.

 

Additionally, I answered a key question Volexity was interested in: Can we predict when an update will successfully generate a new kernel when applied to a specific Windows image? Yes! At least based on empirical evidence generated by the 6,000+ trials I conducted. My experiment showed that build number and revision number predict successful patches. 

​

Presentation | Code (I would share this but don't want to be sued into oblivion)

I built a complete disassembler for Penn's LC-4. It takes in a raw binary file and outputs the full assembly code. My disassembler covers the entire LC-4 instruction set, including directives.

​

This was completed as my final project's optional extra-credit for CIT-593. I am not allowed to post my repo publicly due to Penn's academic integrity policies, but I am more than happy to discuss my work.

I implemented a partial assembler for Penn's LC-4 that handles a subset of LC-4 instructions. My assembler takes an LC-4 assembly file and produces an executable binary file for the source code. It ignores all comments and accepts directives for .CODE, .ADDR, and .DATA. 

​

This was completed for CIT-593 and includes optional extra-credit portions. I am not allowed to post my repo publicly due to Penn's academic integrity policies, but I am more than happy to discuss my work.