Skip to content
View shawnduong's full-sized avatar

Organizations

@ucm-it
Block or Report

Block or report shawnduong

Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
shawnduong/README.md

$ cat /home/skat/README.md

rf/net/forens hacker. Shawn Duong, aka Shawn "skat" Kathleen. Maker and breaker. I run a blog where I talk about my life and hijinks: shawnd.xyz/blog

Affiliations

  • IrisSec, founder/admin + rf/net/forens specialist
  • HackMerced, Director of Special Projects Engineering '22-'23, now mentor

Currently Working On

Near Future

  • Rice Cooker, Hacknox, and OpenHive
  • Hacking LT-T6 lamps
  • Cleaning up my site and GitHub

Highlights

(The following are incomplete lists and only show highlighted work.)

Projects

  • Complete
    • ath: a simple circuit board and associated Arduino code that display a binary message with LEDs, one nibble at a time.
    • CRT Monochrome: a minimalist text-first Jekyll theme taking inspiration from old monochrome CRT screens.
    • CTFx Archivist: archive tool for CTFx that generates a GitHub pages compatible static site.
    • MFRC522 MFCCLI: Mifare Classic CLI tool for Arduino MFRC522-compliant reader/writers.
    • hello.xyz: a lightweight, fast, and minimalistic personal website Jekyll theme fit for portfolios, blogs, and more.
    • mass-ytdl: a mass youtube-dl script for downloading large quantities of music with metadata. Requires Python, youtube-dl, ffmpeg, and xlrd.
    • Pacman Digest: Generate a digest of package space usage for Linux systems using pacman.
    • PXEnum: a shell script that automatically performs a series of *NIX enumeration tasks.
    • py2j: a lightweight Python library that converts YAML data to JSON.
    • PoCs
      • Amelior PoC: a health app that processes data collected from users and communicates it back to them in such a way that they can meaningfully utilize the information to better their lifestyles.
      • Badger PoC: an open source IoT RFID-based authentication, attendance tracking, notification, and rewards system for small to large scale events.
      • CyberTrace PoC: a new way to track and geographically map cyberattacks, in junction with a modular and extensible attack classification framework. Proof of concept, demo'ed in 2021.
    • Archived
      • HackerPass: an RFID-based authentication system for large events such as hackathons. Rebranded as Badger.
      • Rufus Botcat: a Discord bot that helps UC Merced students register for their classes by alerting them when seats open up.
      • switchlib: Python library for interacting with Cisco and Brocade network switches. Written and documented for the average network engineer.
      • UC Merced Registration Eye: a Python script that helps students get the classes they need by alerting them when seats open up. Succeeded by Rufus Botcat.
      • Zero to Hero Hacking: this repository is deprecated. See 02h.shawnd.xyz instead.
    • Forks
      • MarkText: Shawn's MarkText fork with automatic file reloading.
  • In Development
    • Badger: Badger is a complete event management platform for medium to large events.
    • hacknox: KOTH CTF in a briefcase.
    • OpenHive: free your Aerohives from Extreme's proprietary vendor-locked SaaS management platform.
    • Rice Cooker: configurable Arch Linux auto-installation scripting.
  • Other
    • 02h: Zero to Hero, a knowledge base for all sorts of computer hacking. This website is maintained as a personal passion project.
    • dotfiles: my Arch Linux + i3-gaps rice setup.
    • manimations: a repository for all of my animations in manim.
  • Private*
    • CSE 150: F21 CSE150 projects by Ryan Chazen, Shawn Duong, Samish Kavoori, Crystal Ling, Isabella Montoya, and David Ng at the University of California, Merced.
    • CSE 160: F21 CSE160 projects by Nathan Edwards and Shawn Duong.
    • CSE 168 Final: final project for CSE168 by Shawn Duong, Chloe Engel, Charison Gill-Branion, and Isabella Montoya.
    • EECS 262: my source code for the experiments and research as a part of my "Comparison of Data Dissemination Protocols in Multi-hop Wireless Sensor Networks" paper.
    • Hack the Planet HM VIII: source files for the "Hack the Planet!" event at HackMerced VIII.
    • htpm-lld23: "Hack the Planet! mini" source code, docs, and schematics for the event platform for Local Learn Day 2023.
    • Notion Finances Visualized: data visualization scripts for my Notion finance tracker template.
    • saarCTF 2023: attack and defense script codebase for team "One Big Eyeball" at saarCTF 2023.
    • ZenseCTF 2023 Forensics: source code for my forensic challenge series from ZenseCTF 2023.

* For access, please email me@shawnd.xyz and explain why you'd like to view them. Academic dishonesty is not a valid reason.

Websites

Templates

Events

Workshops

  • Intro to Back-End: skeleton code for my "Intro to Back-End" workshop delivered 2023.08.20 at the University of California, Merced.
  • Hack the Tracks!: Fall 2022 @ UC Merced, taught students network hacking, web exploitation, systems exploitation, privilege escalation, and more in order to root a model railroad system and speed up, slow down, reverse, derail, and crash trains.
  • Hack the Packet!: Fall 2022 @ UC Merced, taught students packet sniffing in order to recover credentials from a 5-hour-long network replay.
  • SEA x ENGRSL Python Workshop Series
    • Spring 2022 @ UC Merced, taught students how to program drones with Python. We also hacked a Dance Dance Revolution mat to control drones.
    • Fall 2021 @ UC Merced, taught students how to program drones with Python
    • Spring 2021 @ UC Merced, taught students applications of Python in work automation, data science, and computer security. Conducted remotely during the pandemic.
    • Fall 2020 @ UC Merced, introduced students to Python to create a series of simple games. Conducted remotely during the pandemic.

Highlighted Writeups

Pinned Loading

  1. PXEnum PXEnum Public

    A shell script that automatically performs a series of *NIX enumeration tasks.

    Shell 39 9

  2. CyberTrace-poc CyberTrace-poc Public archive

    A new way to track and geographically map cyberattacks, in junction with a modular and extensible attack classification framework. Proof of concept, demo'ed in 2021.

    JavaScript 2

  3. amelior-poc amelior-poc Public archive

    Amelior is a health app that processes data collected from users and communicates it back to them in such a way that they can meaningfully utilize the information to better their lifestyles.

    Kotlin 4

  4. IrisSec/2024.irisc.tf IrisSec/2024.irisc.tf Public

    IrisCTF 2024 static archive. Generated with CTFx Archivist by IrisSec.

    HTML

  5. IrisSec/2023.irisc.tf IrisSec/2023.irisc.tf Public

    IrisCTF 2023 static archive. Generated with CTFx Archivist by IrisSec.

    HTML