Yan Shoshitaishvili

I am an Assistant Professor at Arizona State University, focused mainly on advancing the state of the art of binary analysis.

I am always looking for promising students and research interns! If you are interested in awesome security research and CTF, email me.

email · CV · Google Scholar · Github


My research mainly focuses on advancing the field of binary analysis, with a focus on embedded firmware. However, I am passionate about a wide range of topics, including web security (specifically, how cybercriminals exploit victims and evade detection), privacy (for example, understanding what one's social media presence reveals about one's self), and computer security education (through the use of novel computer security competitions). You can view my full publication record at Google Scholar.

One of the results of my research is the creation of the binary analysis framework angr, a carefully architected system that is extensively used in academia and the industry.


I am a member of the competitive hacking team Shellphish, and have captained it for the last half decade. With the help of my teammates, we were able to push Shellphish to become one of the highest-ranked hacking groups in the world.

As Shellphish, we run computer security classes (open to the community) and participated in competitions. These classes have helped inspire much of the next generation of hackers, with at least one other well-known hacking team having gotten their start at our "hack meetings".

Cyber Grand Challenge

DARPA's Cyber Grand Challenge was a competition to create a fully autonomous "Cyber Reasoning System" that would be able to autonomously participate in hacking competitions. Building off of our research at UC Santa Barbara, Shellphish was able to qualify for, and win third place in, the DARPA Cyber Grand Challenge final event. I was honored to have the privilege of being the captain of this amazing team.

You can read more about our CGC effort, the media coverage around it, and our Cyber Reasoning System (which we open-sourced) here.