Orange Tsai - Infiltrating Corporate Intranet Like NSA Preauth RCE - DEF CON 27 Conference
#HITB2019AMS D2T1 - Hacking Jenkins - Orange Tsai
#Hacktivity2024 // Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
Confusion Attacks: Exploiting Hidden Semantic Ambiguity In Apache HTTP Server! - Orange Tsai
DEF CON 26 - Orange Tsai - Breaking Parser Logic Take Your Path Normalization Off and Pop 0Days Out
#HITBGSEC 2017 SG Conf D1 - A New Era Of SSRF - Exploiting Url Parsers - Orange Tsai
SEC-T 0x10: Orange Tsai - Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache
HEXACON2023 - A 3-Year Tale of Hacking a Pwn2Own Target by Orange Tsai
MobileIron MDM unauthenticated RCE (with Facebook as case study)
DEF CON 30 - Orange Tsai - Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!
DEF CON 26 - Orange Tsai - Breaking Paser Logic Take Your Path Normalization Off and Pop 0days Out
A 3-Year Tale of Hacking a Pwn2Own Target by: Orange Tsai
Take Your Path Normalization Off And Pop 0days Out Orange Tsai
A Pre Auth RCE On Leading SSL VPNs Orange Tsai and Tingyi Chang
#HITBGSEC D1: A Pre-Auth RCE On Leading SSL VPNs - Orange Tsai and Tingyi Chang
WorstFit Attack: CVE-2024-49026 - Microsoft Excel NTLM Relay to RCE!
DEF CON 29 - Orange Tsai - ProxyLogon Just Tip of the Iceberg, New Attack Surface on Exchange Server
RomHack 2023 - Orange Tsai - A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor [...]
![RomHack 2023 - Orange Tsai - A 3-Year Tale of Hacking a Pwn2Own Target: The Attacks, Vendor [...]](https://img.youtube.com/vi/HlOzSLcFdnY/0.jpg)