A Professional Cybersecurity Team
Providing Comprehensive Offensive Cybersecurity Service

Assisting Enterprises in Resisting Ever-evolving Cyberattacks

One Step Ahead of Hackers

Cybersecurity Experts With Both Hacker Skills and Mindset

DEVCORE is a Taiwan-based cybersecurity company offering "Red Team Assessment" with experts researching the latest cyber threats. We aim to create a safer cyber environment with our professionalism and passion.

Company Overview

Advanced Cybersecurity Research

DEVCORE keeps developing innovative attack methods, reporting vulnerabilities of international products and services, identifying potential cyber threats, and proposing solutions before hackers cause impacts through 0-day exploits.

Cybersecurity Research

Resist Ever-changing Cyber attacks

Cyberattacks become more complex and sophisticated. Through our up-to-date attacks, enterprises can identify potential entry points and evaluate cyber risks to review defense strategies and measures to defend against cyberattacks with effective and precise methods.

Cybersecurity Service

Allocate Cybersecurity Resources Effectively and Build Solid Cyber Defense Strategies

Protect Your Enterprise
and Gain Customer Trust with
Offensive Security Services.

Protect Against Cyberattacks Before Incidents Occur.

Most enterprises surprisingly found their defense ineffectual
under our Red Team Assessment.

  • 300+ Vulnerability Disclosures
  • 50+ Bug Bounty Program Reports
  • 77% Intranet Infiltrated during Assessments
  • 82% Passwords Cracked
  • 81% AD Pwned during Assessments
  • CVE-2024-38476
  • CVE-2024-38475
  • CVE-2024-38474
  • CVE-2025-2395
  • CVE-2025-0585
  • CVE-2025-21375
  • CVE-2024-50285
  • CVE-2024-49026
  • CVE-2024-48958

WorstFit: Unveiling Hidden Transformers in Windows ANSI!

The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical attacks, including Path Traversal, Argument Injection, and even RCE, affecting numerous well-known applications! Given that the root cause spans compiler behavior, C/C++ runtime and developer’s mistakes, we also discussed the challenges of pushing fixes within the open-source ecosystem.

MSRC 2024 Most Valuable Security Researchers - Angelboy

We’re thrilled to announce that Angelboy, senior security researcher at DEVCORE, is named one of Microsoft’s MSRC 2024 Most Valuable Security Researchers! He not only secured the #33 spot on the overall list but also achieved the #9 position in the Windows category. This is the first time Angelboy has been shortlisted on this annual leaderboard, and he is also the highest-ranked Taiwanese security researcher featured. This prestigious accomplishment highlights his exceptional expertise and significant contributions to the field.

Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!

This article explores architectural issues within the Apache HTTP Server, highlighting several technical debts within Httpd, including 3 types of Confusion Attacks, 9 new vulnerabilities, 20 exploitation techniques, and over 30 case studies. The content includes, but is not limited to: How a single ? can bypass Httpd’s built-in access control and authentication. How unsafe RewriteRules can escape the Web Root and access the entire filesystem. How to leverage a piece of code from 1996 to transform an XSS into RCE.

Streaming vulnerabilities from Windows Kernel - Proxying to Kernel

Over the past few decades, vulnerabilities in the Windows Kernel have emerged frequently. The popular attack surface has gradually shifted from Win32k to CLFS (Common Log File System). Microsoft has continuously patched these vulnerabilities, making these targets increasingly secure. However, which component might become the next attack target? Last year, MSKSSRV (Microsoft Kernel Streaming Service) became a popular target for hackers. However, this driver is tiny and can be analyzed in just a few days. Does this mean there might not be new vulnerabilities?

From Convenience to Contagion: The Half-Day Threat and Libarchive Vulnerabilities Lurking in Windows 11

In the October 2023 update, Windows 11 introduced support for 11 additional compression formats, including RAR and 7z, allowing users to manage these types of files natively within File Explorer. The enhancement significantly improves convenience; however, it also introduces potential security risks. To support these various compression formats, Windows 11 utilizes the libarchive library, a well-established open-source library used across multiple operating systems like Linux, BSD, and macOS, and in major projects such as ClickHouse, Homebrew, and Osquery.

Learn more

Cybersecurity Services

Red Team Assessment
Protect Your Assets.

Learn more
  • Analysis of potential scenarios
  • Patch and mitigation of discovered vulnerabilities
  • Customized defense strategy and risk mitigation
  • Attack timeline to re-evaluate defense capability
  • Simulation of real-world cyber attacks

Penetration Testing
Verify Systems with Realistic Attacks.

Learn more
  • Comprehensive testings based on system complexity
  • Discover complex attack techniques
  • Provide methods mitigating vulnerabilities
  • Verifying the patch effectiveness
  • Provide universal secure programming advice

Security Consulting
Tailor Your Defense Strategies.

Learn more
  • Advice on defense strategies based on Red Team Assessment
  • Enhance defense strategies
  • Advice on practical defense implementation from hacker’s perspective
  • Advice based on international standards and frameworks

Security Training
Defense with the Hacker Mindset.

Learn more
  • Understand the attacker's infiltration routes and context
  • Hands-on practice to enhance attack capability
  • Learning attack techniques
  • Analysis of the latest trends and techniques