About

• Software Developer & Researcher
• Projects I have participated in:
  • DAS-Sandbox(Maleware Sandbox) - UNIX-like Malware Research, Network Simulation Engine
  • DAS-AI(AI for Cybersecurity) - Code Execution Sandbox, LLM Gateway
  • Hunter(Network Asset Mapping System) - Network Asset Discovery, WebApp DAST, WebApp Fingerprinting

Open Source Projects

• Hyuga｜A tool for monitoring Out-of-Band (OOB) traffic, supporting DNS, HTTP, LDAP, RMI, and DNS-Rebinding.
• xssfinder｜A tool for detecting DOM-Based XSS using taint analysis, based on Chrome Headless for dynamic semantic analysis of JavaScript.
• TrollAppDuplicator | iOS App duplicator for TrollStore
• go-embed-extractor｜Extracting Go embeds

PR

• Tencent/AI-Infra-Guard
  • Optimize the Fingerprint DSL parser (build AST and support short-circuit)
  • Fix out-of-bounds panic when quoted string ends with a backslash
• saferwall/elf: Fix parsing of ELF section header

Vulnerability Research

• CVE-2025-5031
• CVE-2025-5030
• CVE-2025-1975 - Ollama
• CVE-2024-2007: Found XAgent(OpenBMB) container escape bug.
• CVE-2023-34655: Found ClashX(ObjC) XPC proxy privilege bug. (1150,tttang)
• Found in-the-wild 0-day, Clash(Go) CSRF-to-RCE bug (Oct 5, 2022).

Toy program

• TrollR2ool | iOS Runtime analysis tool
• inx｜Inject *.dylib into target process (like Frida) on macOS (arm64 and x86_64).
• gf.imipy.com - Today's meal picker.
• pinger - Transfer custom messages via ICMP.
• v2hreo - V2ray macOS Menu Bar Application with + CGO.
• webportscan - Scan local service (TCP) ports over Web page.
• PiMonitor - Build a Controllable Web Video Monitor with +.
• Rua - Generate a (rua.gif) from any avatar.

Others

• 微信公众号

• Old Blog(CN)