From 163897853f0871b5404547b5e65410c5fa5f6990 Mon Sep 17 00:00:00 2001 From: Marco <33866739+mlgzackfly@users.noreply.github.com> Date: Tue, 23 Dec 2025 13:28:29 +0800 Subject: [PATCH 1/4] docs: update macro's member page Updated bio and added new achievements and experiences. --- src/member/2024/Marco.tsx | 32 ++++++++++++++++++++++++++++++-- 1 file changed, 30 insertions(+), 2 deletions(-) diff --git a/src/member/2024/Marco.tsx b/src/member/2024/Marco.tsx index f706d26..29ff825 100644 --- a/src/member/2024/Marco.tsx +++ b/src/member/2024/Marco.tsx @@ -4,8 +4,9 @@ import { MemberArticleType, MemberCertificateType, MemberInternType, MemberParti export const MarcoMemberPage = () => { const bio =
-

專注於資訊安全領域,具備多場 CTF 實戰經驗,涉獵範圍涵蓋 Web、Mobile、OSINT 等多種題型,並曾於多項比賽中獲得佳績。持續累積漏洞揭露紀錄,曾於 HITCON ZeroDay 平台上揭露多起高風險弱點。現就讀於國立臺北科技大學資訊安全碩士學位學程,並於業界實習,實踐學術與實務並進。熱衷於技術研鑽與社群參與,期望在資安領域持續深耕,拓展視野。 - chatGPT

-

更多資料在我的個人網站

+

黃昱翔專注於資訊安全工程與攻防實務,具備紅隊與攻擊手角色之實戰經驗,熟悉完整攻擊鏈流程與攻防情境推演。累積多場 CTF 競賽與實戰型攻防演練經驗,技術能力涵蓋 Web 與 Mobile 應用程式安全、OSINT 情資分析、系統層級弱點利用、存取控制繞過與橫向移動等關鍵攻擊面,並於多項具代表性之資安競賽中取得可驗證之成果。長期投入軟體弱點分析與責任式揭露,曾於 HITCON ZeroDay 平台揭露多起高風險與高影響力漏洞,展現成熟的弱點挖掘與風險判斷能力。 - chatGPT

+

更多資料在 個人網站

+

可以看看 部落格

const certificates: MemberCertificateType[] = [ { @@ -14,6 +15,11 @@ export const MarcoMemberPage = () => { }, ] const raceExperiences: MemberCompetitionExperienceType[] = [ + { + title: "AIS3 EOF CTF 2026 / 隊名:想對名真的好難", + result: "第 29 名(50%)", + datetime: "2025" + }, { title: "InfoSec Taiwan CTF 2025 / 隊名:Archetype", result: "第 26 名(48%)", @@ -76,6 +82,10 @@ export const MarcoMemberPage = () => { } ] const participates: MemberParticipateType[] = [ + { + "title": "榮獲 DEVCORE 2025 全國資訊安全獎學金", + "datetime": "2025" + }, { "title": "教育部資訊及科技教育司 - 114年度教育體系資安攻防演練 攻防檢測員", "datetime": "2025" @@ -145,6 +155,24 @@ export const MarcoMemberPage = () => { const conferences: MemberArticleType[] = [] const techConfs: MemberArticleType[] = [] const zeroday: MemberZeroDayType[] = [ + { + id: ( +
+ Northern Tech HackerOne +
+ ), + title: "Northern Tech HQ BugBounty $200 USD", + datetime: "2024.11.20" + }, + { + id: ( +
+ CVE-2025-13468 +
+ ), + title: "SourceCodester Alumni Management System Delete admin_class.php delete_event authorization", + datetime: "2024.11.20" + }, { id: (
From 59be5ce737eaf02572415b176aa41bd8c97a8d27 Mon Sep 17 00:00:00 2001 From: mlgzackfly Date: Tue, 23 Dec 2025 13:33:26 +0800 Subject: [PATCH 2/4] docs: correct ZeroDay date in documentation --- src/member/2024/Marco.tsx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/member/2024/Marco.tsx b/src/member/2024/Marco.tsx index 29ff825..f77a2f8 100644 --- a/src/member/2024/Marco.tsx +++ b/src/member/2024/Marco.tsx @@ -162,7 +162,7 @@ export const MarcoMemberPage = () => {
), title: "Northern Tech HQ BugBounty $200 USD", - datetime: "2024.11.20" + datetime: "2025.11.20" }, { id: ( @@ -171,7 +171,7 @@ export const MarcoMemberPage = () => { ), title: "SourceCodester Alumni Management System Delete admin_class.php delete_event authorization", - datetime: "2024.11.20" + datetime: "2025.11.20" }, { id: ( From c00485f273812ce6b41612cd3f3ddfa4b7dfd4da Mon Sep 17 00:00:00 2001 From: mlgzackfly Date: Tue, 23 Dec 2025 13:35:23 +0800 Subject: [PATCH 3/4] docs: add ZeroDay documentation --- src/member/2024/Marco.tsx | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/member/2024/Marco.tsx b/src/member/2024/Marco.tsx index f77a2f8..c2700fc 100644 --- a/src/member/2024/Marco.tsx +++ b/src/member/2024/Marco.tsx @@ -173,6 +173,24 @@ export const MarcoMemberPage = () => { title: "SourceCodester Alumni Management System Delete admin_class.php delete_event authorization", datetime: "2025.11.20" }, + { + id: ( +
+ ZD-2025-00620 +
+ ), + title: "馬辣官網 會員系統 Reflected XSS", + datetime: "2025.08.22" + }, + { + id: ( +
+ ZD-2025-00615 +
+ ), + title: "八方雲集 線上教學平台 SQL injection、加密機制失效", + datetime: "2025.08.06" + }, { id: (
From 71e7540233957d8ca8d84f95c0af2050ada8e77d Mon Sep 17 00:00:00 2001 From: mlgzackfly Date: Mon, 2 Feb 2026 18:32:04 +0800 Subject: [PATCH 4/4] Update Marco's certificates - add CWES, PWPA, eJPT, and Web-RTA certifications --- src/member/2024/Marco.tsx | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/src/member/2024/Marco.tsx b/src/member/2024/Marco.tsx index c2700fc..60d4db8 100644 --- a/src/member/2024/Marco.tsx +++ b/src/member/2024/Marco.tsx @@ -9,6 +9,23 @@ export const MarcoMemberPage = () => {

可以看看 部落格

const certificates: MemberCertificateType[] = [ + { + title: "Certified Web Exploitation Specialist(CWES)", + datetime: "2026.02.02" + }, + { + + title: "Practical Web Pentest Associate (PWPA)", + datetime: "2026.01.24" + }, + { + title: "eJPT - eLearnSecurity Junior Penetration Tester", + datetime: "2026.01.24" + }, + { + title: "Certified Web Red Team Analyst (Web-RTA)", + datetime: "2026.01.09" + }, { title: "iPAS 資訊安全工程師-初級能力鑑定", datetime: "2024.06.01"