SeungHyun Kim

sqrtrev@gmail.com vuln.live sqrtrev @sqrtrev

Skills

Programming Languages: C/C++, C#, Python, PHP, SQL, Java, Javascript, x86/x64 Assembly, Bash, Golang

Frameworks and tools: Burp Suite, GDB, IDA Pro, Binary Ninja, MySQL, SQLite3, MongoDB, Flask, django, apache2, nginx, node.js

The things that I can do: Backend Web Development, Socket Programming, Reverse engineering/exploit development for x86, Windows API based Programming, Pentest, Solidity

Education

Korea University Republic of Korea

BACHELOR AND MASTER’S DEGREE March, 2019 ‑

  • GPA 3.55 / 4.5

Experience

Korea University Republic of Korea

UNDERGRADUATE RESEARCHER August, 2020 ‑ January, 2021

  • Bug hunting on "QuasarZone", a computer hardware community with over 200,000 users
  • Reported a 0‑day vulnerability in a WordPress plugin and was assigned CVE‑2020‑23325

Pentest at public institution of Korea Republic of Korea

RED Team May, 2021 - May, 2021

  • Worked with NIS
  • Found some critical vulnerabilities

Pentest at N***** Republic of Korea

RED Team June, 2021 - Jan, 2022

  • Worked with CYDF and School of Cybersecurity of Korea University
  • Found some critical vulnerabilities

HAECHI LABS Republic of Korea

Security Researcher April, 2022 - August, 2023

  • Blockchain & Web Security

Zellic USA (remote)

Security Researcher August, 2023 -

  • Blockchain & Web Security

Activity

Conference Speaker Republic of Korea

  • The Hacker Owl 2nd - Topic: PHP output buffering analysis at the php-src level

CTF Player (a.k.a hacking competition) International

  • Founded a team named "Super Guesser", which was ranked 3rd place globally in 2021
  • Play CTFs with team Super Guesser and WreckTheLine

CTF Challenge Author International

  • A web challenge (about abusing PHP execution timeline with Segmentation Fault and session.upload_progress.cleanup) at IJCTF 2021
  • Three web challenges (about Prototype Pollution + SQL Quine, DNS rebinding, pwn PHP via Zend module) at ASIS CTF 2020
  • Three challenges (about DOM Clobbering, blind regular expression injection, pwn custom C++ http server) at IJCTF CTF 2020
  • A web challenge (about XSS using SQL Injection with OUTFILE for bypassing CSP) at Belluminar 2019
  • Lead challenge author of WACON (2022 ~)
  • A part of ACSC CTF Organizers

0‑day research

  • SQL Injection in a WordPress plugin / CVE‑2020‑23325
  • Reported a 0‑day vulnerability in Windows explorer.exe to MSRC (Microsoft Security Response Center / VULN‑044164)
  • Apple SMTH / waiting for being patched

Security Blog

  • I write about CTF write ups normally. - currently under maintenance

Honors & Awards

2023
Finalist, SECCON CTF 2023 International
Finalist, HITCON CTF 2023 International
4th place, DEFCON CTF 31 Prequal International
3rd place, LINE CTF 2023 International
2nd place, Samsung SSTF 2023 International
2nd place, Whitehat Contest 2023 (Prize: 10,000,000 KRW) Republic of Korea

2022
1st place, WhiteHat Contest 2022 (Prize: 20,000,000 KRW) Republic of Korea
2nd place, BlackHat Mea CTF (Team {{7*7}}, Prize: 200,000 SAR) International
Finalist, DEFCON CTF 30 Final International
1st place, LINE CTF 2022 (Prize: $5,000 USD) International
3rd place, Codegate 2022 (University Section) Republic of Korea
3rd place, CCE 2022 (General Section 3rd place prize) Republic of Korea

2021
1st place, SECCON CTF 2021 (Prize: 400,000 JPY) International
1st place, N1CTF 2021 (Prize: 1,000 USD) International
2nd place, TSG CTF 2021 (Prize: 213.37 USD) International
2nd place, CCE 2021 Prequal (General Section) Republic of Korea
Finalist, International Cybersecurity Challenge by ENISA (Member of the national team) International
2nd place, Whitehat Contest 2021 (General Section, Prize: 10,000 USD) Republic of Korea
3rd place, Samsung CTF 2021 (SSTF, Prize: Samsung Electronics (almost 1,000 USD)) International
Qualified for Final, XCTF Final International
1st place, CyBRICS CTF 2021 (Prize: 5,000 USD + XCTF Final Ticket) International
Qualified for Final, Google CTF 2021 International
1st place, redpwn CTF 2021 International
3rd place, WeCTF 2021 International
3rd place, LINE CTF (Prize: 2,000 USD) International
1st place, zer0pts CTF (Prize: 1,337 USD by Github Security Lab + 75 XTZ) International
6th place, DEFCON CTF 29 Final International

2020
1st place, HITCON CTF (Prize: 8,192 USD, DEFCON 29 Final Ticket) International
1st place, Dragon CTF (Prize: 2,000 USD) International
1st place, Balsn CTF (Prize: 30,000 TWD) International
Finalist, Cyber Operations Competition (General Section) Republic of Korea
Finalist, Codegate 2020 (University Section, USACykor) Republic of Korea
2nd place, pbctf (Prize: 200 USD + Binary Ninja License) International
3rd place, Tasteless CTF 2020 International
3rd place, hxpCTF 2020 International

2016
Finalist, Codegate 2016 (Junior Section) International

2015
4th place, WhiteHat Contest 2015 (Junior Section, Final) Republic of Korea
Finalist, Codegate 2015 (Junior Section) International
Prize by Hauri, YISF 2015 Republic of Korea

2014
Finalist, Security Olympiad Republic of Korea
Prize by Ahnlab, YISF 2014 Republic of Korea