Software Developer & Researcher

My Research

iOS Jailbreak App

Vulnerability Research

Product VUL-ID Type Remark
Clash - CSRF to RCE On October 5, 2022, A code audit (Clash in Go) discovered an in-the-wild 0day exploit.
ClashX CVE-2023-34655 - clashX/discussions/1150, tttang.com/1904
XAgent(OpenBMB) CVE-2024-2007 Container Escape OpenBMB/XAgent/issues/386

Toy program

Others