Research

Our Research
Makes the World Safer

We continuously research cutting-edge attacking techniques and cybersecurity trends to enhance our Red Team Assessment and assist enterprises in staying ahead of the trends.

Research Advanced Cybersecurity Techniques

We have been researching leading and influential network software, devices, and systems such as Microsoft Exchange, Pulse Secure, Fortinet, Palo Alto, Jenkins, etc.

Develop Extensive Cyber Attack Skills

DEVCORE specializes in attack skills such as Binary Exploitation, Reversing, Web Security, and Cryptography. Moreover, we are capable of combining unexploitable bugs into critical vulnerabilities.

Collaborative Research Service

We’ll collaborate with your internal team to boost cybersecurity and minimize risk. We provide a comprehensive security assessment and Full Stack Assessment to identify potential attack methods, including Hardware Attack, Firmware Security Analysis, Software Vulnerability Assessment, and many others.

Members

Orange Tsai

Principal Security Researcher

Angelboy

Senior Security Researcher

Terrynini

Security Researcher

Pumpkin

Security Researcher

HexRabbit

Security Researcher
Competitions and Awards Enterprise Vulnerability Reports International Conferences CVE List

Research Findings

Tech Editorials #Advisory #CVE #RCE #Exchange #SSRF

A New Attack Surface on MS Exchange Part 1 - ProxyLogon!

Orange Tsai

 2021-08-06

Microsoft Exchange, as one of the most common email solutions in the world, has become part of the daily operation and secure connection for governments and enterprises. This January, we reported a series of vulnerabilities of Exchange Server to Microsoft and named it as ProxyLogon. ProxyLogon might be the most severe and impactful vulnerability in the Exchange history ever. If you were paying attention to the industry news, you must have heard it.

Tech Editorials #RCE #NAS #IoT

Your NAS is not your NAS !

Angelboy

 2022-03-28

Two years ago, we found a critical vulnerability, CVE-2021-31439, on Synology NAS. This vulnerability can let an unauthorized attacker gain code execution on a remote Synology DiskStation NAS server. We used this vulnerability to exploit Synology DS418play NAS in Pwn2Own Tokyo 2020. After that, we found the vulnerability exists not only on Synology but also on most NAS vendors. Following, we will describe the details and how we exploit it.

Tech Editorials #Advisory #CVE #RCE #Facebook #BugBounty

How I Hacked Facebook Again! Unauthenticated RCE on MobileIron MDM

Orange Tsai

 2020-09-12

Hi, it's a long time since my last article. This new post is about my research this March, which talks about how I found vulnerabilities in a leading Mobile Device Management product and bypassed several limitations to achieve unauthenticated RCE. All the vulnerabilities have been reported to the vendor and got fixed in June. After that, we kept monitoring large corporations to track the overall fixing progress and then found that Facebook didn't keep up with the patch for more than 2 weeks, so we dropped a shell on Facebook and reported to their Bug Bounty program!

More