Cheng-Da Tsai, also as known as Orange Tsai, is member of DEVCORE and CHROOT from Taiwan. He is a speaker at conferences such as HITCON, WooYun and AVTokyo. He participates in numerous Capture-the-Flags (CTF), and won 2nd place in DEF CON 22 as team member of HITCON. Orange is currently focusing on vulnerability research & web application security. Orange enjoys finding vulnerabilities and participates in Bug Bounty Program. He is enthusiastic about finding Remote Code Execution (RCE) on big vendors, and uncovered RCE in several vendors, such as Facebook, Uber, Apple, GitHub, Yahoo and Imgur.
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages!