Talks

2024

• WorstFit: Unveiling Hidden Transformers in Windows ANSI!
  • Black Hat Europe
• Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
  • Black Hat USA
  • HITCON
  • OrangeCon
  • SEC-T
  • Hacktivity

2023

• A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor Evolution, and Lesson Learneds
  • HITCON
  • Romhack
  • Hexacon
  • CODE BLUE
• 從 2013 到 2023: Web Security 十年之進化及趨勢!
  • WebConf Taiwan
• From Zero to Hero — 從零開始的 Pwn2Own 奪冠之路
  • DEVCORE Conference

2022

• Let’s Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
  • Black Hat USA
  • DEFCON
  • HITCON
  • CODE BLUE

2021

• The Proxy Era of Microsoft Exchange Server
  • POC 2021
  • HITCON
  • CODE BLUE
• ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!
  • Black Hat USA
  • DEFCON
• A Journey Combining Web Hacking and Binary Exploitation in Real World!
  • RealWorld CTF (Live Forum)
  • OWASP Hong Kong TechDay
• 從初出茅廬到破解大師: 我的 14 年駭客生涯回顧
  • iThome CYBERSEC 2021 台灣資安大會

2020

• How I Hacked Facebook Again!
  • HITCON

2019

• Infiltrating Corporate Intranet Like NSA - Pre-auth RCE on Leading SSL VPNs
  • Black Hat USA
  • DEFCON
  • HITCON
  • CODE BLUE
  • HITB GSEC
  • RomHack
• 你用它上網，我用它進你內網 - 知名電信商設備遠端代碼執行漏洞
  • DEVCORE Conference
• Hacking Jenkins!
  • Pass the Salt
  • Becks.io
  • HITB GSEC

2018

• Breaking Parser Logic - Take Your Path Normalization off and Pop 0days Out!
  • Black Hat USA
  • DEFCON
  • CODE BLUE
  • Hack.lu
• 從一個脆弱點到串起整個攻擊鏈
  • 先知白帽大會
  • HITCON
• 從一個脆弱點到串起整個攻擊鏈 (JavaScript ver)
  • TDOH Conf

2017

• A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
  • Black Hat USA
  • DEFCON
  • Black Hat Asia (2018)
  • HITCON
  • CODE BLUE
  • HITB GSEC

2016

• Bug Bounty 獎金獵人甘苦談 那些年我回報過的漏洞
  • HITCON

2015

• Web Hacking 中的奇技淫巧 - Epic Tricks in Web Hacking
  • HITCON
• 關於 HITCON CTF 的那些事 - Web 狗如何在險惡的 CTF 世界中存活？
  • WooYun Summit

2014

• 掃吧你！從協議面抓出機歪的遠端桌面後門
  • HITCON

2013

• 0-Day 輕鬆談(0-Day Easy Talk) - Happy Fuzzing Internet Explorer
  • HITCON
• Best Practices - The Upload
  • WebConf Taiwan
• 矛盾大對決
  • PHPConf Taiwan
• 駭客看 Django
  • PyCon Taiwan

2012

• Security in PHP 那些在滲透測試的小技巧
  • PHPConf Taiwan
• 網頁安全 Web Security 入門
  • Study Area Taiwan

2011

• SQL Injection from Past to Now
  • AVTokyo
• 關於SQL Injection的那些奇技淫巧
  • Chroot