Zhengyu Liu

I am currently a second-year Ph.D. student in Computer Science at Johns Hopkins University, advised by Prof. Yinzhi Cao. Before joining JHU, I received my bachelor's degree in Cybersecurity from Sichuan University. During my undergrad, I was very fortunate to be advised by Prof. Cheng Huang.

My research interest lies in Web Security and AI Software Security, especially leveraging program analysis approaches to detect/exploit/patch vulnerabilities in real-world complex applications and systems.

Besides, I am a CTF pwn&web player. I lead the team Z0D1AC (JHU academic team) and is a member of thehackerscrew (international team, Top 10 on CTFTime.org).

[New!!] My talk about DOM Clobbering just got accepted to the DEFCON 33 main stage! See you in Las Vegas this August!

Email / GitHub / Blog / CV / Google Scholar / Linkedin

Publications

The DOMino Effect: Detecting and Exploiting DOM Clobbering Gadgets via Concolic Execution with Symbolic DOM

Zhengyu Liu, Theo Lee, Jianjia Yu, Zifeng Kang, and Yinzhi Cao
paper / poster / code / slides /
To appear in the Proceedings of USENIX Security Symposium, 2025
■ Artifact Badges: Artifacts Available, Artifacts Functional, Results Reproduced

Follow My Flow: Unveiling Client-Side Prototype Pollution Gadgets from One Million Real-World Websites

Zifeng Kang, Muxi Lyu, Zhengyu Liu, Jianjia Yu, Runqi Fan, Song Li, and Yinzhi Cao
paper / poster / code / slides /
To appear at IEEE Symposium on Security and Privacy (S&P Oakland), 2025
■ Distinguished Paper Award

Undefined-oriented Programming: Detecting and Chaining Prototype Pollution Gadgets in Node.js Template Engines for Malicious Consequences

Zhengyu Liu, Kecheng An, and Yinzhi Cao
paper / poster / code / slides /
IEEE Symposium on Security and Privacy (S&P Oakland), 2024
■ Nominee of Top 10 Web Hacking Techniques of 2024 by PortSwigger

A Framework for Threat Intelligence Extraction and Fusion

Yongyan Guo, Zhengyu Liu, Cheng Huang, Nannan Wang
paper / poster / code / slides /
Computer & Security

Coreference Resolution for Cybersecurity Entity: Towards Explicit, Comprehensive Cybersecurity Knowledge Graph with Low Redundancy

Zhengyu Liu, Haochen Su, Nannan Wang, Cheng Huang
paper / poster / code / slides /
EAI International Conference on Security and Privacy in Communication Networks (SecureComm), 2022

CyberRel: Joint Entity and Relation Extraction for Cybersecurity Concepts

Yongyan Guo, Zhengyu Liu, Cheng Huang, Jiayong Liu, Wangyuan Jing, Ziwang Wang, Yanghao Wang
paper / poster / code / slides /
International Conference on Information and Communications Security (ICICS), 2022
■ Best Student Paper Award

A Sybil Detection Method in OSN based on DistilBERT and Double-SN-LSTM for text analysis

Xiaojie Xu, Jian Dong, Zhengyu Liu, Jin Yang, et al.
paper / poster / code / slides /
EAI International Conference on Security and Privacy in Communication Networks (SecureComm), 2021

Talks

From Static to Smart: LLM-enhanced Static Analysis on Web Application Vulnerability Detection
Ant Group SRC Annual Celebration, June 2025
slides / video /

The DOMino Effect: Automated Detection and Exploitation of DOM Clobbering Vulnerability at Scale
DEFCON 33, Las Vegas, Aug 2025
slides / video /

Capture The Flags

Team member @ TheHackersCrew Won 17 medals for the year of 2024, 7 Gold + 5 Silver + 5 Bronze	2023 Jan. - Now
Co-lead @ The Group Z0D1AC Achieved 2nd place RaymondJamesCTF 2024 ($5000 cash prize), 3rd place RaymondJamesCTF 2023 ($2500 cash prize), etc.	2022 Oct. - Now

Selected Honors & Awards

Cybersecurity Elite Honor, School of Cyber Science and Engineering, Sichuan University	2022 May
The 404 Scholarship, School of Cyber Science and Engineering, Sichuan University	2022 Dec.
First Class Scholarship, School of Cyber Science and Engineering, Sichuan University	2021 Sep.
Outstanding Student Honor, Sichuan University	2020 & 2021

Finalist (with Team 42-b3yond-6ug), DARPA AI Cyber Challenge (AIxCC)	2024 Aug.
The 9th Place, 2021 ByteDance Security AI Competition, ByteDance(TikTok)	2021 Nov.
The 2nd Place, School of Computing Summer Workshop, National University of Singapore	2021 July
Excellent Thesis, Innovation and Entrepreneurship Training Program for College Students	2020 Sep.
Third Prize (¥30,000), The 4th “Qiangwang Cup” National Cybersecurity Challenge	2020 Sep.

Professional Services

External Reviewer

Annual Computer Security Applications Conference (ACSAC '25)
Symposium on Research in Attacks, Intrusions, and Defenses (RAID '25)
Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb '25)
IEEE Symposium on Security and Privacy (S&P '25)
USENIX Security Symposium (Usenix '24, '25)
IEEE Computer Security Foundations Symposium (CSF '24)
Conference on Detection of Intrusions and Malware & Vulnerability Assessment (DIMVA '24)

Artifact Evaluation Committee

Network and Distributed System Security Symposium (NDSS '26)

The ACM Conference on Computer and Communications Security (CCS '25)

USENIX Security Symposium (Usenix '25)

Experiences

Security Research Intern, Siemens	2025 June. - 2025 Aug.
Course Assistant, EN.445/645 Practical Cryptographic Systems (25 Spring), JHU	2025 Feb. - 2025 May.
Course Assistant, EN.601.340/440/640 Web Security (23 Fall), JHU	2023 Sep. - 2023 Dec.
Research Assistant, JHU, Advisor: Dr. Yinzhi Cao	2023 June - 2023 Aug.
Research Assistant, Sichuan University, Advisor: Dr. Cheng Huang	2020 Aug. - 2022 June

StarBugs

I have discovered some vulnerabilities in popular OSS (over 30 CVEs in repos with >1K stars on GitHub), as well as in products maintained by companies including Google, Microsoft, Meta, and Ant Group (Alipay). A selective list of them is shown below.

CVE-2025-5120	HuggingFace Transformers & Smolagents	Sandbox Escape
CVE-2025-24049	Microsoft Azure CLI	RCE
CVE-2025-30358	Mesop	DoS & Jailbreak
CVE-2025-30374	Taipy	XSS & RCE
CVE-2024-43805	Jupyter Notebook/JupyterLab	Stored XSS
CVE-2024-38354	Hackmd.io	Stored XSS
CVE-2024-49362	Joplin	RCE
CVE-2024-12029	InvokeAI	RCE (Deserialization)
CVE-2024-43788	Webpack	DOM Clobbering

Design and source code from Jon Barron's website