About Me

About Me

Software engineer current working on security development, strong interested in:

  • low-level stuffs
  • exploit
  • program analysis
  • embedded device
  • custom Android ROM

Highlights

  • 2022.02, Report two command injection vulnerabilities of JDCloud wireless router to the JD Security Response Center.
  • 2022.01, Report a RCE vulnerablity(HIGH RISK!!) of JDCloud wireless router to the JD Security Response Center. (nickname: orioos, rank 6)
  • 2021.12, Report two vulnerabilities to the Alibaba Security Response Center. (nickname: orioos, rank 9)
  • 2021.08, Report a vulnerability to the Alibaba Security Response Center. (nickname: orioos, rank 28)

Current Skills

  • C, C++ with STL, Objective-C
  • Scripting language: bash、Python
  • Assembler lanaguage: x86
  • Reserve engineering
  • Multi-threaded and network programming
  • Development tools: ida,Burp Suite,Git,GCC,Clang,GDB,XCode,Visual Studio,Visual Studio Code,Docker,qemu
  • Operation system: Professional user of Linux, macOS and Windows

Github

Work Experiences

  • 2021.05 - Now: Sangfor Technologies, Software Engineer, NanJing.
  • 2020.07 - 2020.09: Trend Micro, RD Intern, NanJing.

Project Experiences

2021.10 - 2022.08

High performance process, network, file event monitor which use for EPP and XDR product, support for macOS 10.12 to 12.0.

2021.08 - 2021.10

Removable USB device control library for macOS, support for macOS 10.12 to 12.0.

2021.05 - 2021.08

Customize GNU/Bash to support command logging, cloud server protection.

Author

lyq1996

Posted on

2022-08-15

Updated on

2022-08-15

Licensed under

Comments