Experience
South Korea
RED TEAM/FREELANCER Apr, 2022 ‑ Present
- I am working only at home
- Source code auditing and Architecture analysis
- Research the security status of various search engine/web services
- Found 0-Day vulnerabilities in various CMS and NPM or desktop apps
██ ████████ South Korea
BLUE TEAM Nov, 2021 - Dec, 2021
- Found various vulnerabilities in the ██ bank project
- Found various vulnerabilities in websites of various customers
██ ████████ South Korea
BLUE TEAM Aug, 2021 - Sep, 2021
- Found various vulnerabilities in websites of various customers
Activity
CTF Player South Korea/USA
Web Hacking Apr, 2020 - Present
Dreamhack Challenge Author South Korea
- easyxss-v2 (XSS, SSRF, IDOR, URL Parser Confusing) at Dreamhack#451
- easyxss (XSS, Hostname Bypass) at Dreamhack#273
- Environment Pollution (Prototype Pollution, Strtoupper) at Dreamhack#205
URLParserCon South Korea
NPM Researching 2022
- There are various flaws in many URL parsers. This flaw can lead to SSRF, XSS, and Open Redirect
- Have listed the various URL Parser modules of NPM. Found 0-Day in the parser and reported it.
- Earned 4170 USD through this project
Bug Bounty
NASA Bug Bounty
Microsoft Bug Bounty
Dreamhack Bug Bounty 500 USD
CVE Hunting 4623.5 USD
- CVE-2021-3815, CVE-2021-3829, CVE-2021-3831 ~ CVE-2022-21649, CVE-2023-1117 (26+)
KVE Hunting 1600 USD
- KVE-2021-1229, KVE-2021-1276, KVE-2021-1416, KVE-2021-1417, KVE-2021-1456, KVE-2021-1462, KVE-2021-1464
NBB Hunting 1500 USD
- NBB-2081, NBB-2082, NBB-2083, NBB-2153, NBB-2256, NBB-2285, NBB-2286, NBB-2287, NBB-2292