Ruikai Peng

Hey, I am Ruikai.
I am a 17 years-old working on binary^[1] security and LLMs. I've been working on it since 11.

things about me:

• Pwno, founder
  • r&d startup, LLMs for real-world memory security problems
    at the innermost systems that billions used daily
  • We found memory bugs in: Linux, FFmpeg, V8, Firefox, Chromium, WebKit, PostgreSQL, Redis, ...
• retr0.blog, storytell of how I exploit bugs from the lowest part of computers
  • exploiting a heap overflow in llama.cpp^[2]
  • creating a one-click rce in evernote
  • rop'ing a tenda router
  • ...
• US National Team, International Cybersecurity Olympiad (ICO)
• bugs



Talks

• Youngest speaker at OAIC (Oct, 2025)
  • Deductive Engine: Human Inspired Taint Reasoning
  • I talked about how I designed a human-inspired taint engine via LLM reasoning, and how we used it found two overflows in Unitree Robodogs' BLE stack within 20 minutes
• Youngest speaker at Black Hat USA (Aug, 2025)
  • Thinking Outside the Sink: Dataflow and Tree-of-Thoughts
  • I talked about we designed a dataflow engine inspired by Tree-of-Thoughts, and how we used it to do vulnerability discovery to PoCs generation (pruning, restriction generation and that kind of stuff)
• Youngest speaker at Zer0con (Apr, 2025)
  • Llama's Paradox: Hardcore Inference Attack
  • I talked about how I use a super fun but complex way to RCE LLama.cpp via a little heap-overflow in tensor processing.
• Youngest member of Tencent Talent Program



Media

• Mentioned by Lex Fridman
• Bugcrowd: Ruikai Peng, Spotlight
• Bloomberg: 16 y/o from CT, AI cyber startup
• questions / resume



Fun Facts

• I did my first router ROP at 12
• I can play neon by john mayer
• I played troy bolton in middle school

1. binary — the inner workings of computers.
2. once YC Hacker News top 3