News

Year Up: Course Files

2018-09-10

For my Year Up students, below is the link to the course materials. Please log-in using the credentials I provided to you in class.

Year Up Material by Mr. Liggett

Java: Lecture #1

2018-09-05

Here are the briefing slides for tonight's Java lecture:

Java -- Lecture #1

Foundational Python

2018-07-21

Here are the briefing slides for my Python presentation at HOPE:

Foundational Python -- Learn How to Code in an Hour

Python Lecture at Hackers On Planet Earth (HOPE)

2018-07-05

HOPE XII Logo

It's official: Here's the Python programming lecture that I'll be giving at this year's Hackers On Planet Earth (HOPE) conference in New York City on Saturday, July 21st, 2018:

Foundational Python: Learn How to Code in an Hour

GreaterGoods.care

2018-05-07

Here I am (in the middle) with my Master's capstone group from George Washington University, where we presented our GreaterGoods.care system to help charities get more goods donated to them. Note: The site is not yet mobile-friendly on smartphones but it should display correctly on tablets and larger devices.

William and his Capstone Group
Left-to-Right: Dadian "Jason" Qu, Xinxin Zheng, William Paul Liggett, John Keegan, and Shohei Higurashi

Our system is meant to be simple and easy to understand, but we featured a number of advanced techniques and have tried our best to design a highly secure web application. Cybersecurity is hugely important to me, so I built the codebase to try and defend against:

  • Cross-Site Scripting (XSS)
  • SQL Injection (SQLi)
  • Cross-Site Request Forgery (CSRF)
  • Brute Force Attacks
  • Password Sprays
  • Session Fixation Attacks

In addition, before a user can create an account, they must click on a unique link that is sent to their email account. Also, users can securely reset their password or get a reminder email of what their username is if they forget it. Moreover, user passwords are never stored in plaintext as I have it using a secure hashing algorithm with random salt (bcrypt) to store user passwords. This means that even though I built all of the backend code and have access to the database, I do not know the passwords used by any user. As an example, here is the password hash for the test_user_1 account:

$2y$10$5eCYhInILuAmvfev4elYZufG1a1rFKg6tPvWKrG6DTTo6U.lPD38S

I highly doubt that somebody could easily decrypt that hash to the real password, but if you're able to then please tell me as the bcrypt designers would like to know!

--William