Alan Li (lebr0nli)

Stay hungry, stay foolish. Keep hacking!

whoami

  • Alan Li ≡ alanlitw ≡ lebr0nli ≡ a nobody

pwd

  • /Users/NCU_CSIE

ls ~/favorites

  • web/
  • CTF/
  • Bug\ Bounty/
  • pwn/
  • programming/
  • rock’n’roll/

Bug Bounty

Company Vulnerability Type or Priority Reward Time
Quizlet Priority 2 Bounty 2022.02
Dcard IDOR Bounty and Hall of Fame 2021.11
Quizlet Priority 3 Bounty 2021.09
Quizlet Priority 3 Bounty 2021.08
Dcard Open Redirect Bounty and Hall of Fame 2021.07
Dcard Open Redirect Bounty and Hall of Fame 2020.09
Dcard IDOR Bounty and Hall of Fame 2020.08
Dcard IDOR Bounty and Hall of Fame 2020.08

Some links:

Quizlet Bug Bounty Program https://quizlet.com/security

Dcard Bug Bounty Hall of Fame Page https://dcard.tw/hacker

My Bugcrowd profile https://bugcrowd.com/alanlitw

CTF (Capture the Flag)

Name Participated as Rank Time Location
SECCON CTF Quals ${cYsTiCk} (team) 2nd 2023.09 online
HITCON CTF Quals Blue Water (team) 1st 2023.09 online
Asian Cyber Security Challenge lebr0nli (solo) 35th (Taiwan 6th) 2023.02 online
HITCON CTF Water Paddler (team) 11th 2022.11 online
Google Capture The Flag Final Stage (Hackceler8) Water Paddler (team) Group B 3rd 2022.09 London, UK
Google Capture The Flag Qualification Water Paddler (team) 5th 2022.07 online
ångstromCTF Water Paddler (team) 3rd 2022.05 online
Asian Cyber Security Challenge lebr0nli (solo) 56th (Taiwan 6th) 2021.09 online
AIS3 Pre-Exam e^iπ+1day (solo) 6th 2021.05 online

I participated in more than 50+ CTFs on CTFtime.org since early 2021 with my one-man CTF team, e^iπ+1day

From May 2022, I joined Water Paddler.

From August 2023, I also joined ${CyStick}.

Side Project

Open Source Contribution

  • pwndbg
    • Exploit Development and Reverse Engineering with GDB Made Easy
    • Python
    • My commits
  • one_gadget
    • The best tool for finding one gadget RCE in libc.so.6
    • Ruby
    • My commits
  • Hackbar
    • A browser extension for Penetration Testing
    • Javascript
    • My commits