Hi, I am Orange, currently the Principal Security Researcher at DEVCORE, and the core member of CHROOT Security Group in Taiwan. I am a RCE enthusiast and mainly focus on Web and Application Security. My research has received several hacking awards and has been accepted by numerous security conferences.

You can find me on twiter , mail and instagram .

Selected Honors

• 2022 - Champion of Pwn2Own Toronto
• 2021 - Winner of Pwnie Awards — “Best Server-Side Bug” for Exchange Server RCEs
• 2021 - 3rd of Top 10 Web Hacking Techniques for Exchange Server RCEs
• 2021 - Champion of Pwn2Own Vancouver
• 2021 - 28th of Top 100 Microsoft Most Valuable Security Researchers
• 2019 - Winner of Pwnie Awards — “Best Server-Side Bug” for SSL VPN RCEs
• 2019 - 4st of Top 10 Web Hacking Techniques for research of SSL VPN RCEs
• 2019 - 2nd of DEFCON CTF Final as team HITCON x BFKinesiS
• 2018 - 1st of Top 10 Web Hacking Techniques for research of Breaking Parser Logics
• 2017 - 1st of Top 10 Web Hacking Techniques for research of A New Era Of SSRF
• 2017 - 2nd of DEFCON CTF Final as team HITCON
• 2015 - 1st of 0CTF Final as team 217
• 2014 - 2nd of DEFCON CTF Final as team HITCON
• 2014 - 1st of 台灣大專院校資安技能金盾獎
• 2012 - 1st of 台灣大專院校資安技能金盾獎
• 2011 - 1st of 台灣大專院校資安技能金盾獎
• 2009 - 1st of HITCON Wargame Contest