trapfuzzer: Coverage-guided Binary Fuzzing with Breakpoints

PRESENTATION SLIDES (PDF) trapfuzzer is a tool I developed in Python and C and has the following features: Users can view the test status in the fuzzy process, pause / resume the test task, and manage the test status through TCP port The tool supports saving the mutation relationship between testcases in the fuzzing process […]

Container Escape in 2021

PRESENTATION SLIDES (PDF) Container escape is a hot topic in cloud security. Methods of container escaping has been covered by several parties however the traditional container (runc) uses the same kernel with the host so there are always new escape methods being discovered. In this talk, I will show three new methods to escape the […]

Going Deeper into Schneider Modicon PAC Security

PRESENTATION SLIDES (PDF) To provide an economical way to deliver functional control in the gap between the PLC and the DCS, Schneider offer industrial process automation controllers-Modicon PACs(M580, M340, MC80,etc).Modicon PACs feature redundancy functionality, native Ethernet, embedded cybersecurity,But are these industrial brains, widely used in power, water, and critical infrastructure, really secure? In this presentation,we […]

IDA2Obj: Static Binary Instrumentation On Steroids

PRESENTATION SLIDES (PDF) IDA2Obj is a tool I created that allows you to directly dump multiple object files just from one executable binary (exe, dll, etc) – The tool is designed mainly for Static Binary Instrumentation to collect code coverage and integrates with popular fuzzing engines (AFL, honggfuzz, etc). Based on my testing, it is […]

Taking Ghidra to the Next Level

PRESENTATION SLIDES (PDF) Ghidra is NSA opensouced in 2019. As the only one in the open source community that has the potential of being the replacement of IDA, it draws a lot of attention. However, due to the history of its development, the code has been historical. And the official seems to be moving slow […]

Gazing Ahead: What Modern RF Combat Looks Like in the Next Decade

PRESENTATION SLIDES (PDF) Imagine robotic tanks that maneuver themselves across desert terrain, avoiding landmines; drones with enough artificial intelligence to carry out strikes without human operators, and next-generation uniforms to monitor soldiers’ heart rates and hydration levels… or provide early warning alarms for chemical attacks. If you Google the Internet of Things, you only find […]

Make JDBC Attacks Brilliant Again

PRESENTATION SLIDES (PDF) In this presentation, we will share our latest research into attacking JDBC. We will start with the derivation of JDBC attacks including the JDBC concept and root cause of vulnerability. We will then give  a more in-depth analysis of occurred implementations including the 0day we found (Weblogic RCE). Finally we will share […]

The Art of Exploiting UAF by Ret2bpf in Android Kernel

PRESENTATION SLIDES (PDF) In early 2021, an external researcher reported to Google three lines of code indicating the xt_qtaguid kernel module, used for monitoring network socket status, had a Use-After-Free vulnerability (CVE-2021-0399) for 10 years. Unfortunately, the researcher did not provide any additional information or a PoC and stated the vulnerability was not exploitable on […]

Scaling Up Offensive Pipelines

PRESENTATION SLIDES (PDF) In this talk, we will discuss the essentials of offensive pipeline and present our innovative approach, while referring to the challenges we solved, and demonstrate how you can leverage our offensive CI/CD framework to empower red team and purple team operations. Evolving endpoint protection software with enhanced detection capabilities and greater visibility […]

KEYNOTE 1: Security Technology Arms Race 2021 – Medal Event

PRESENTATION SLIDES (PDF) The investment into both offensive and defensive technologies has grown dramatically in line with the Internet’s rise as the pivotal system for communications, critical infrastructure, and global finance. Security of the Internet, cloud data, and personal devices, once an afterthought, is now a significant expense and stress on governments, organisations, corporations and […]