HITCON Review Board


Tsung Peikan (aka PK), Co-Founder at CyCarrier/CyCraft Technology Cooperation, He has experiences of intensive computer forensic, malware and exploits analysis and reverse engineering. PK, specializing in cybercrime and Advanced Persistent Threats (APT) investigation, worked for National Police Agency for six years and Academia Sinica for two years before. After that, PK moved to Verint Systems Taiwan as a chief cyber researcher until September 2017. He has had long-term research on APT, IOT, automotive ECU safety and been the chairman of the HITCON Reviewboard for many years as well. Besides, he is also the speaker of TWNIC, Black Hat, DEFCON, SyScan, HITCON, and HTCIA.

Allen Own

HITCON Community Coordinator / DEVCORE CEO

Big Alan

Alan is HITCON CTF team manager. He works in Mediatek IT department. His job is to harden enterprise systems and handle cyber security incidents. Also he promotes IoT chip applications. His previous job was in ChungHwa Telecom being a security system architect , planning incident handling procedure for security department and planning cloud services for cloud department .


Jeremy Chiu (aka Birdman) is a co-founder at CyCarrier/CyCraft Technology Cooperation. He has more than fifteen years of experience with Malware analysis, Machine Learning, CTI research and focusing on kernel technologies for both the Win32 and Linux platforms. In Taiwan, he is recognized as a very senior anti-malware programmer and early pioneer in APT research. He and Benson founded Xecure Lab in 2011 providing digital forensics and APT detection solution, then in 2014, Xecure Lab was acquired by Israeli-American Company Verint Systems. For many years, he was a contracted law enforcement instructor at intelligence agencies in Taiwan, and fre/quently gave talks at security conferences like DEFCON, SyScan, HITCON, AVTokyo, HTICA and OWASP Asia.

Chen-Mou Cheng

Chen-Mou Cheng programs and teaches cryptography. He has taught at National Taiwan University, Technische Universität Darmstadt, Kyushu University, and Osaka University. He is now an associate professor at Kanazawa University (and an adjunct associate professor at National Taiwan University).

Chen-yu Dai (GD)

Chen-yu Dai (GD) is a security researcher at Rakuten CERT. Besides incident response and threat hunting roles, he builds in-house systems for Blue Team to deal with unknown cyber threats. He has received some prizes from CTFs, bug bounty programs, and been speaker at several conferences: HITCON, TROOPERS, CODE BLUE, IEEE GCCE, etc.


I write code and study criminal behaviour of online identities with poor ethical principles.

gasgas (ziv_chang)

Gasgas (Ziv Chang, YuMin Chang) is the Sr. Director of CyberSafety Solution Dept in TrendMicro. He is widely recognized for his work in APT campaigns studying, penetration testing, code review, malware analysis, vulnerability research, security architecture and security strategy in Taiwan. Prior to joining TrendMicro, YuMin was the CTO for Information Security Service Digital United, a biggest MSSP in Taiwan. YuMin is one of founder of HITCON (Hacks in Taiwan conference) and appear in the keynote of most important conferences in Taiwan (including HITCON 2005,2008,2012,2016, ITHOME 2015,2016, HONEYCON 2014,2015,2016) and also Black Hat Briefings Asia - Singapore 2000. He holds a degree in Mathematics and a Masters in Computer Science from the National Tsing Hua University, Taiwan, where he is also a PhD candidate. He holds also certifications of CERT/CC, CISSP, CEH, CHFI and ECSA/LPT.


Chief Scientist of InfoKeyVault Technology Co., Ltd. and Outstanding Teaching Faculty at National Taiwan University. Courses delivered at NTU: Cryptography, Elliptic Curve Cryptography, Cryptanalysis, Post-Quantum Cryptography, and Introduction to FinTech.


Ming-chieh's (Nanika) is Chief Researcher in Team T5 Research. He is a well-known vulnerability researcher, and has been disclosing new vulnerabilities for many years. His major areas of expertise include vulnerability research, exploit techniques, malware detection, and mobile security. He has 10+ years of experience on vulnerability research, especially on Windows platform and malicious document and exploit. He discovered numerous Windows system and document application vulnerabilities, such as Microsoft Office, Adobe PDF, and Flash. In recent years, he started his exploration and discovering problems in Mac OS X. He frequently presents his researches at security conferences, such as Black Hat, HITCON, and Syscan.


A passionate security research with deep knowledge on the field and hands-on experience on IR and APT Research background. Over 10 years experience in penetration testing, incident response and vulnerability research. The current research area is SDN Security.

Tim Hsu (Consultant)

CHROOT and HITCON founder. Since 2004, organized the CHROOT Security Group and HITCON(Hacks In Taiwan Conference) with friends. Interest in Linux, network and security, usually join in open source community and like to share knowledge and experience. Over 10 years experience in penetration testing, malware, rootkit and vulnerability research.

TT (Sung-ting Tsai)

Sung-ting (TT) is the leader of Team T5, a cyber threat research and solution provider. They monitor, analyze, and track cyber threats throughout the Asia Pacific region. His major areas of interest include analyzing malware, tracking cyber threats, and reverse engineering on vulnerability and exploit. He especially is interested in new vulnerabilities in new technologies, and frequently presents the team's research at security conferences, such as Black Hat, HITCON, Code Blue, and Syscan. TT is also the board director of association of hackers in Taiwan as well as organizer of HITCON, the largest security community and conference in Taiwan.

Yen-Ming Chen

Yen-Ming started his security career protecting Fortune 500 companies through penetration testing, product assessment, training and other consulting / product development with Foundstone / McAfee / FireEye. Then he transforms Fortune 500 companies business with security through program management balancing security, compliance, engineering, operation and regulatory requirements to achieve trustworthy results in Citigroup, Microsoft Azure and Apple. He speaks in International conferences and contributed to five books including "To The Cloud" and "Hacking Exposed" series and had two open source projects for Snort log analytics. He got his master degree from Carnegie Mellon University's Information Networking Program and bachelor degree in Mathematics from National Central University in Taiwan.


Zuan is a member of Chroot group, and has been a staff for HITCON for almost 10 years. He specializes in reverse engineering software and hardware (embedded systems), malware analysis and cryptography. He authored one of the reversing challenge in HITCON 2011 and 2012's Wargame. Also, many years ago he was active in Cheat Engine Forum, and wrote two of the widely circulated (leaked) game hacks of that time ("Zuan Engine" and "MzBot").

Orange Tsai

Cheng-Da Tsai, also as known as Orange Tsai, is a member of DEVCORE and CHROOT from Taiwan. Speaker of conferences such as Black Hat USA, Black Hat ASIA, DEFCON, HITCON, HITB, CODEBLUE and WooYun. He participated in numerous Capture-the-Flags (CTF), and won 2nd place in DEF CON 22/25 as team member of HITCON.

Currently focusing on vulnerability research & web application security. Orange enjoys to find vulnerabilities and participates Bug Bounty Program. He is enthusiasm for Remote Code Execution (RCE), also uncovered RCE in several vendors, such as Facebook, Uber, Apple, GitHub, Yahoo and Imgur.

Twitter: @orange_8361

Blog: http://blog.orange.tw/

Chong-Kuan Chen(Bletchley)

Chung-Kuan Chen is currently a senior researcher in Cycraft, and responses for organizing their research team. He earned his PHD degree of Computer Science and Engineering from National Chiao-Tung University (NCTU). His research focuses on network attack and defense, machine learning, software vulnerability, malware and program analysis. He tries to utilize machine learning to assist malware analysis and vulnerability discovery, and build automatic attack and defense systems. He has published several academic journals and conference papers, and has involved in many large research projects from digital forensic, incident response and malware analysis. He also dedicates to security education. Founding of NCTU hacker research clubs, he trains students to participate world-class security contests, and has experience of participating DEFCON CTF (2016 in HITCON Team and 2018 as coach in BFS team). Besides, he has presented technical presentations in non-academic technique conferences, such as HITCON, RootCon, CodeBlue OpenTalk, FIRST and VXCON. As an active member in Taiwan security community, he is in the review committee of HITCON conference, and ex-chief of CHROOT - the top private hacker group in Taiwan. He organized BambooFox Team to join some bug bounty projects and discover some CVEs in COTS software and several vulnerabilities in campus websites.


Angelboy is a member of chroot and HITCON CTF team. He is researching about binary exploitation, especially in heap related exploitation. He participated in a lot of CTF, such as HITB, DEFCON, Boston key party, won 2nd in DEFCON CTF 25,27 and won 1st in Boston key party 2016, 2017 with HITCON CTF Team. He is also a speaker at conferences such as HITCON, VXCON, AVTokyo, HITB GSEC.

Hikohiro Y Lin

Mr. Hikohiro Y Lin was born in Kobe City of Japan. After finishing his master degree at George Mason University in Virginia USA, he has joined Panasonic and started as an IoT security researcher since 2003.

Since then he has spent more than 15 years mainly focused on the IoT security field. Currently, Hikohiro is the Global Head of Panasonic PSIRT and General Manager of Product Security Global Strategy Division, Product Security Center, Panasonic Corporation HQ, leading product security activities such as establishing Panasonic Cyber Security Lab for future cybersecurity research, making a red team for testing IoT devices and guidelines and product-focused security incident responses. Also, He has received (ISC)² ISLA(Information Security Leadership Achievement)APAC Senior Information Security Professional 2018 Showcased Honoree and Community Service Star. He speaks in many international conferences such as Black Hat, CODE BLUE, Kaspersky Security Analyst Summit (SAS),HITCON and Government invited roundtable Panelist.

Bugs or wheels? Feedback and support here.

More on contact [email protected]

If you have any privacy or security concern when contacting the HITCON Committee,you can communicate with us through the use of following PGP public key:
Key ID: E40856AA Fingerprint = BE1D 0B31 2271 079C CB45 001E 76B9 DFE6 E408 56AA The public key is available at:PublicKey Download