Blog:https://blog.canyie.top/

Bugs & Vulnerabilities:

• Android: contributed toCVE-2024-0044 (PoC & writeup),CVE-2024-31318,CVE-2024-43080,CVE-2024-43081,CVE-2024-43088,CVE-2024-43090,CVE-2024-43762,CVE-2024-49733,CVE-2024-49741,CVE-2024-49743,CVE-2024-49744,CVE-2025-0100

(This list may be out of sync. Search "canyie" inAndroid acknowledgements for all!)

Acknowledgements & Rankings:

• As of 2025/02/24 I am currently ranked #40 in the world on the entireGoogle Bug Hunters platform, #7 in the 2024 year, and #7 in the entire Android Program.
• Nickname "canyie" onAndroid Security Acknowledgements,Google Bug Hunters Leaderboard,Xiaomi Security Center, andHuawei Bug Bounty Program

Disclaimer: Although I'm a member of LSPosed Team, all repositories hosted by this account are owned by myself. They are maintained by me alone and have no affiliation with the LSPosed team nor are they part of the LSPosed community.

PinnedLoading

1. pinepinePublic

   Dynamic java method hook framework on ART. Allowing you to change almost all java methods' behavior dynamically.

   Java 1.2k 219

2. DreamlandDreamlandPublic

   A third-party Xposed framework implementation which supports Android 5.0~14.

   Java 829 80

3. Riru-MomoHiderRiru-MomoHiderPublic archive

   A Riru module trying to make Magisk more hidden.

   C++ 707 69

4. topjohnwu/Magisktopjohnwu/MagiskPublic

   The Magic Mask for Android

   C++ 51.6k 13.5k

5. MagiskKillerMagiskKillerPublic

   Two ways to detect Magisk v23.0 and older. Magisk v24+ users won't be affected. OLD VERSIONS WERE BUGGY, UPGRADE YOUR MAGISK.

   Java 186 43

6. CVE-2024-0044CVE-2024-0044Public

   PoC and writeup for bypassing the initial patch of CVE-2024-0044, Android run-as any app vulnerability allowing privilege escalation from adb to installed app

   Java 145 20