Skip to content

Contributions

Conference Talks & Public Sharing

CanSecWest 2024 · Death by a thousand cuts

View inline

KCon 2023 · Bluetooth Low Energy Hacking: From Digital Escape to Physical World

View inline

HITBSecConf 2023 · The Tragedy of Bluetooth Low Energy

View inline

Technical Notes

Two Birds with One Stone — A Guide to Exploiting Qualcomm GPU KGSL Driver Bugs

View inline

Vulnerabilities & Acknowledgements

  • MediaTek: CVE-2024-20081, CVE-2025-20693, CVE-2025-20694, CVE-2025-20695, CVE-2025-20746, CVE-2025-20747, CVE-2025-20765
  • D-Link: CVE-2022-48107, CVE-2022-48108, CVE-2023-25279, CVE-2023-25280, CVE-2023-25281, CVE-2023-25282, CVE-2023-25283
  • Huawei: CVE-2022-33735
  • Uniview: CNVD-2022-47150
  • NVDB: NVDB-CAVD-2023448820 (automotive)
  • Meta: Bug Bounty Hall of Fame 2024 (Meta Quest)

Competitions & Awards

  • Tianfu Cup 2021: vulnerability reproduction contest, cracking success
  • Butian Cup 2022/2023: payment hijack, BLE lock cracking, dashcam compromise — cracking success awards
  • GeekCon 2023: “How long to steal a NEV” — success, video: b23.tv/eUJckxA
  • GeekCon 2024: “Infiltrator in the Conference” — winner, video: b23.tv/cW3QvyT
  • SkyNet Cup (IoV track): 3rd place 2024, 2nd place 2025
  • Xiaomi Young Engineer RSU Incentive Program 2024