International conferences we participate in
2025
OffensiveConf
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
2025
DEVCORE CONF
只需一次 API 呼叫的致命一擊:從硬體逆向到突破保護機制的精準攻擊
2025
HITCON
只需一次 API 呼叫的致命一擊:從硬體逆向到突破保護機制的精準攻擊
2025
HITCON
Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities
2025
HITCON
Compromising Linux the Right Way: 0-days, Novel Techniques, and Lessons from Failure
2025
HITCON
The Art of PHP — My CTF Journey and Untold Stories!
2025
Hexacon
Déjà Vu in Linux io_uring: Breaking Memory Sharing Again After Generations of Fixes
2025
Hardwear.io
Hacking to the Gate(way): Take Over Samsung SmartThings with a Single API Call
2025
CODE BLUE
Cache the Frames, Catch the Vulnerabilities in Kernel Streaming
2025
Hexacon
Arise From The Wireless: Breaking The Security Barrier In Wi-Fi
2025
Hardwear.io
Arise From The Wireless: Breaking The Security Barrier In Wi-Fi
2025
AVTOKYO
Returned to QNAP TS-464 at Pwn2Own and Pwned It Again!
2024
CCC
From Convenience to Contagion: The Libarchive Vulnerabilities Lurking in Windows 11
2024
Black Hat Europe
WorstFit: Unveiling Hidden Transformers in Windows ANSI!
2024
POC
How I use a novel approach to exploit a limited OOB on Ubuntu at Pwn2Own Vancouver 2024
2024
CODE BLUE
Proxying to Kernel : Streaming Vulnerabilities from Windows Kernel
2024
Hexacon
Proxying to Kernel : Streaming Vulnerabilities from Windows Kernel
2024
Hacktivity
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
2024
SEC-T
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
2024
OrangeCon
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
2024
HITCON
Proxying to Kernel : Manipulate Flow to Make Windows Kernel Great Again
2024
HITCON
全境擴散:從 Windows 11 到 libarchive 的深層威脅與全面影響
2024
HITCON
Clash, Burn, and Exploit: Manipulate Filters to Pwn kernelCTF
2024
HITCON
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
2024
DEF CON
Clash, Burn, and Exploit: Manipulate Filters to Pwn kernelCTF
2024
Black Hat USA
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
2023
Hexacon
A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE
2023
Hexacon
A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learned
2023
RootCon
A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learned
2023
RomHack
A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE
2023
RomHack
A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learned
2023
HITCON
A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learned
2023
HITCON
搭配模糊測試對Linux核心遠端檔案系統進行漏洞挖掘
2023
HITCON
入無人之徑:於 MikroTik 蟄伏九載的 Pre-Auth RCE
2023
DEF CON
A Comprehensive Review on the Less-Traveled Road: 9 Years of Overlooked MikroTik Pre-Auth RCE
2023
WebConf
從 2013 到 2023: Web Security 十年之進化及趨勢!
2022
CODE BLUE
Your Printer is not your Printer ! - Hacking Printers at Pwn2Own
2022
CODE BLUE
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
2022
HITCON
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
2022
HITCON
Your Printer is not your Printer ! - Hacking Printers at Pwn2Own
2022
DEF CON
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
2022
Black Hat USA
Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
2021
HITCON
你的 NAS 不是你的 NAS !
2021
HITCON
ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
2021
POC
The Proxy Era of Microsoft Exchange Server
2021
CODE BLUE
ProxyLogon is Just the Tip of the Iceberg, A New Attack Surface on Microsoft Exchange Server!
2021
Black Hat USA
ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
2021
DEF CON
ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
2021
OWASP HK Techday 2021
A Journey Combining Web Hacking and Binary Exploitation in Real World!
2021
Real World CTF Forum
A Journey Combining Web Hacking and Binary Exploitation in Real World!
2020
HITCON
你的資安策略夠明確嗎?透過框架優先緩解真實威脅
2020
HITCON
My journey on SMBGhost
2020
HITCON
How I Hacked Facebook Again!
2019
CODE BLUE
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
2019
RomHack
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
2019
HITB GSEC - Singapore
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
2019
DEF CON
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
2019
Black Hat USA
Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
2019
Pass the SALT
Hacking Jenkins!
2019
HITB SecConf
Hacking Jenkins!
2019
Red Team Summit
Red Team In Taiwan: Zero To One
2018
CODE BLUE
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!
2018
Hack.lu
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!
2018
DEF CON
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!
2018
Black Hat USA
Breaking Parser Logic: Take Your Path Normalization off and Pop 0days Out!
2018
Black Hat Asia
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
2018
HITCON
從一個脆弱點到串起整個攻擊鏈
2017
DEF CON
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
2017
Black Hat USA
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
2017
HITB GSEC - Singapore
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
2017
HITCON Community
Play with File Structure - Yet Another Binary Exploit
2017
HITCON Community
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
2017
CODE BLUE
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
2016
HITCON Community
Bug Bounty 獎金獵人甘苦談 - 那些年我回報過的漏洞
2015
HITCON Community
Web Hacking 中的奇技淫巧
2014
HITCON
被遺忘的資訊洩漏