Jeongwon Jo (Pocas)


About

About

Security Research, Web Penetration Testing/Bug Hunting,
Blog, Email, @P0cas, @jeongwon__9, @PocasCyber

Work Experience

Work Experience

  • Security ResearchRedAlert

    Apr, 2022 - Present

    • I am working only at home (FREELANCER)
    • Source code auditing and Architecture analysis
    • Found 0-Day vulnerabilities in various search engine/web services
    • Found 0-Day vulnerabilities in various CMS and NPM or desktop apps
  • Security Consulting, ██ ████████

    Nov, 2021 - Dec, 20212 months

    • Found various vulnerabilities in the ██ bank project
    • Found various vulnerabilities in websites of various customers
  • Security Consulting, ██ ████████

    Aug, 2021 - Sep, 20211 months

    • Found various vulnerabilities in websites of various customers
Experience

Activity

  • CTF Player, ST4RT, icypete

    Apr, 2020 - Present

    Participate in CTF at ST4RT and icypete but i participate alone often :)

  • Dreamhack Challenge Author

  • URLParserCon

    NPM Researching

    • There are various flaws in many URL parsers. This flaw can lead to SSRF, XSS, and Open Redirect
    • Have listed the various URL Parser modules of NPM. Found 0-Day in the parser and reported it.
    • Earned $4,170 through this project
Bug Bounty

Bug Bounty