张维垚 Zhang

Information Security Director

Jiading District, Shanghai, China
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
张维垚 (Weiyao Zhang) is an Information Security Director with 12 years of hands-on experience building security programmes from 0→1 and scaling them across large enterprises. He combines board-level architecture and team leadership with operator-level skills—able to design global security architecture, lead cross-functional implementation, and still contribute to exploit modules and vulnerability scanners. Past roles span risks and security engineering at Ele.me, founding and open-sourcing tools at Tongcheng (notably the Xunfeng scanner) and progressive leadership at Huazhu where he rose from architect to director. He maintains a broad industry network for rapid team assembly, runs daily reading and threat-trend tracking, and has experience in productizing security features like watermarking, mobile SDK protections, and high-concurrency DB auditing. A pragmatic leader who still codes, he’s known for turning security strategy into reproducible projects adopted by SMEs.
code11 years of coding experience
job3 years of employment as a software developer
bookBachelor's degree, Computer Science, Bachelor's degree, Computer Science at Wenzheng College of Soochow University
languagesEnglish, Chinese
github-logo-circle

Github Skills (10)

scanner10
exploit10
vulnerability-assessment10
exp10
python10
infosec10
vulnerability10
security10
javascript7
bash6

Programming languages (15)

C#JavaC++CSSCGoPerlShell

Github contributions (5)

github-logo-circle
ysrc/xunfeng

Dec 2016 - Mar 2021

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。
Role in this project:
userSecurity Engineer
Contributions:35 commits, 8 PRs, 35 pushes in 4 years 3 months
Contributions summary:张维垚 primarily contributed to the vulnerability scanning aspects of the project, specifically updating and creating exploit modules. Their work included modifying the `iis_webdav.py` module for IIS WebDav vulnerabilities and the `zookeeper_unauth_access.py` module for Zookeeper unauthorized access. They also worked on a module for cracking supervisor web and implemented user list. Additionally, the user modified a JavaScript file for plugin installation within the application's user interface and adjusted the `Run.sh` script.
security-auditscannersecurity-toolsbugbountysecurity
ysrc/GourdScanV2

Oct 2016 - Nov 2017

Contributions:38 commits, 4 PRs, 39 pushes in 1 year
bugbountysecuritypentesting
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
张维垚 Zhang - Information Security Director