My presentations

More things can be found in my personal site: https://sites.google.com/site/zhiniangpeng

Exploiting preauth RCE and Sandbox escape vulnerabilities in EXSi, Typhooncon 2023

OLE object are still dangerous today — Exploiting Microsoft Office, POC 2023

Django-Simple-Captcha — JumpServer Preauth RCE, Mosec BaijiuCon 2023

APT vs GPT, Campus Talk in 2023

vSphere 攻防技法分享, KCON 2023

Exploit Exchange in New Ways, Zer0con 2022

Exploiting Errors in Windows Error Reporting Service in 2022, POC 2022

Don't Dare to Exploit - An Attack Surface Tour of SharePoint Server,  Defcon 2021

Exploiting Windows COM/WinRT Services, Blackhat USA 2021

Lewis Lee, Diving in to Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer, Blackhat USA 2021

Exploiting Microsoft Sharepoint, Zer0con 2021

All roads lead to Rome Many ways to double spend your cryptocurrency, Zer0con 2019

Security Risks in Zero Knowledge Proof Cryptocurrencies, PacSec 2019

Danger of using fully homomorphic encryption, a look at microsoft seal, Presentation in Cansecwest, Opcde, Overdrive 2019

Many way to double spend your cryptocurrency, Presentation, NEO devcon 2019

使用全同态加密构造数据安全方案的安全风险, GIAC 2019 全球互联网架构大会

零知识证明在区块链应用中的安全和隐私问题, CCF 区块链开发者大会 2019

A novel journey of blockchain security, Real World CTF 2018

区块链安全风险, P.O.D New BlockTrend TED talk 2018

Some Mining Related Attacks, Presentation, Monero village, Defcon26, 2018 

EOS Node Remote Code Execution Vulnerability, Presentation, EOS devcon 2018

Some Security Risks for DLT, Presentation, ITU-SG17 2018

Detecting Union Type Confusion in Component Object Model, Usenix security 2023 

COMRACE Detecting Data Race Vulnerabilities in COM Objects, Usenix Security 2022

Code is the Law Demystifying and Mitigating Blockchain Inconsistency Attacks Caused by Software Bugs, INFOCOM 2021

Security Analysis on dBFT protocol of NEO, FC 2020