Firmy Yang

Research Scientist at Xidian University

China
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
Firmy Yang is a research scientist and security engineer with a decade of hands-on experience in malware analysis, binary exploitation, and tooling for Android and embedded platforms. Active in the CTF community and member of multiple security teams (XDSEC, xdlinux, LCTF, Vu1nT0tal), he blends reverse engineering and exploit development with practical automation and DevOps skills. His open-source contributions span improving Cuckoo-based malware tooling, building Android/static-analysis integrations, and creating automation scripts that streamline cross-architecture pwn environments. He routinely builds end-to-end pipelines—feeding RSS-driven security alerts into multi-bot notifiers and automating data extraction from devices—demonstrating both defensive analysis and offensive research capabilities. Colleagues would note his knack for pragmatic scripting and integrating disparate tools into reliable workflows, not just isolated proofs-of-concept. Based in China, he pairs community-focused CTF experience with production-minded engineering to accelerate security research and operationalization.
code10 years of coding experience
stackoverflow-logo

Stackoverflow

Stats
1reputation
0reached
0answers
0questions
github-logo-circle

Github Skills (51)

debugging10
rss10
debug10
bins10
static-analysis10
cap10
ctf10
python10
buffer-overflow10
scripting10
bots10
bash10
gcc10
manipulation10
security10

Programming languages (19)

JavaC++CSSCRustVueGoHTML

Github contributions (5)

github-logo-circle
Vu1nT0tal/yarb

Apr 2022 - Jan 2023

方便获取每日安全资讯的爬虫和推送程序
Role in this project:
userBack-end & DevOps Engineer
Contributions:313 commits, 4 PRs, 56 pushes in 9 months
Contributions summary:Firmy primarily contributed to the development and deployment of a security information gathering and notification system. Their work involved setting up the initial Python application (`yarb.py`), integrating multiple notification bots (Feishu, WeCom, DingTalk, QQ, Telegram, and Email), and implementing features for updating and filtering RSS feeds. Furthermore, they established a system for scheduled tasks and implemented proxy settings.
botrsssecurity
firmianay/Life-long-Learner

Apr 2017 - May 2021

Personal Notes About Everything.
Role in this project:
userAutomation Engineer
Contributions:190 commits, 183 pushes, 1 branch in 4 years 1 month
Contributions summary:Firmy has demonstrated a strong focus on automation and system configuration within the repository. They added a script (`RE4B/auto.sh`) designed to automate the compilation of C code to different architectures. Additionally, they included a script (`binary-security/pwn-across-arch.sh`) that automates the setup of a penetration testing environment. The user also modified existing C code examples.
everythingnotespersonal-notes
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Firmy Yang - Research Scientist at Xidian University