More things can be found in my personal site: https://sites.google.com/site/zhiniangpeng
Exploiting preauth RCE and Sandbox escape vulnerabilities in EXSi, Typhooncon 2023
OLE object are still dangerous today — Exploiting Microsoft Office, POC 2023
Django-Simple-Captcha — JumpServer Preauth RCE, Mosec BaijiuCon 2023
APT vs GPT, Campus Talk in 2023
vSphere 攻防技法分享, KCON 2023
Exploit Exchange in New Ways, Zer0con 2022
Exploiting Errors in Windows Error Reporting Service in 2022, POC 2022
Don't Dare to Exploit - An Attack Surface Tour of SharePoint Server, Defcon 2021
Exploiting Windows COM/WinRT Services, Blackhat USA 2021
Lewis Lee, Diving in to Spooler: Discovering LPE and RCE Vulnerabilities in Windows Printer, Blackhat USA 2021
Exploiting Microsoft Sharepoint, Zer0con 2021
All roads lead to Rome Many ways to double spend your cryptocurrency, Zer0con 2019
Security Risks in Zero Knowledge Proof Cryptocurrencies, PacSec 2019
Danger of using fully homomorphic encryption, a look at microsoft seal, Presentation in Cansecwest, Opcde, Overdrive 2019
Many way to double spend your cryptocurrency, Presentation, NEO devcon 2019
使用全同态加密构造数据安全方案的安全风险, GIAC 2019 全球互联网架构大会
零知识证明在区块链应用中的安全和隐私问题, CCF 区块链开发者大会 2019
A novel journey of blockchain security, Real World CTF 2018
区块链安全风险, P.O.D New BlockTrend TED talk 2018
Some Mining Related Attacks, Presentation, Monero village, Defcon26, 2018
EOS Node Remote Code Execution Vulnerability, Presentation, EOS devcon 2018
Some Security Risks for DLT, Presentation, ITU-SG17 2018
Detecting Union Type Confusion in Component Object Model, Usenix security 2023
COMRACE Detecting Data Race Vulnerabilities in COM Objects, Usenix Security 2022
Code is the Law Demystifying and Mitigating Blockchain Inconsistency Attacks Caused by Software Bugs, INFOCOM 2021
Security Analysis on dBFT protocol of NEO, FC 2020