메인 컨텐츠로 넘어가기

email blog.pocas.kr P0cas

Experience

South Korea

RED TEAM/FREELANCER Apr, 2022 ‑ Present

  • I am working only at home
  • Source code auditing and Architecture analysis
  • Research the security status of various search engine/web services
  • Found 0-Day vulnerabilities in various CMS and NPM or desktop apps

██ ████████ South Korea

BLUE TEAM Nov, 2021 - Dec, 2021

  • Found various vulnerabilities in the ██ bank project
  • Found various vulnerabilities in websites of various customers

██ ████████ South Korea

BLUE TEAM Aug, 2021 - Sep, 2021

  • Found various vulnerabilities in websites of various customers

Activity

CTF Player South Korea/USA

Web Hacking Apr, 2020 - Present

  • Participate in CTF at ST4RT and icypete but i participate alone often :)

Dreamhack Challenge Author South Korea

URLParserCon South Korea

NPM Researching 2022

  • There are various flaws in many URL parsers. This flaw can lead to SSRF, XSS, and Open Redirect
  • Have listed the various URL Parser modules of NPM. Found 0-Day in the parser and reported it.
  • Earned 4170 USD through this project

Bug Bounty

NASA Bug Bounty

Microsoft Bug Bounty

Dreamhack Bug Bounty 500 USD

CVE Hunting 4623.5 USD

  • CVE-2021-3815, CVE-2021-3829, CVE-2021-3831 ~ CVE-2022-21649, CVE-2023-1117 (26+)

KVE Hunting 1600 USD

  • KVE-2021-1229, KVE-2021-1276, KVE-2021-1416, KVE-2021-1417, KVE-2021-1456, KVE-2021-1462, KVE-2021-1464

NBB Hunting 1500 USD

  • NBB-2081, NBB-2082, NBB-2083, NBB-2153, NBB-2256, NBB-2285, NBB-2286, NBB-2287, NBB-2292