Work Experience
- Penetration testing (web / mobile) and red teaming across critical sectors — oil refinery, government institutions, university hospitals, and major enterprise companies
- Red teaming engagements and exploitation of 1-day vulnerabilities
- ISMS certification support through comprehensive security assessments
- Designed and implemented infrastructure vulnerability assessment scripts
- Conducted analysis of global security incidents and built PoC demonstrations
- Studied and applied the FAIR methodology for quantitative risk assessment
- Led the development of technical and business proposals
- Penetration testing (web / mobile) and security consulting across regulated industries — financial services, pharmaceutical, payment systems, and crowdfunding platforms
- Compliance-driven assessments supporting ISO 27001 and ISMS certifications
- Critical information infrastructure security evaluation
Education
Disclosed Vulnerabilities & Bug Bounties
Host Header Injection leading to SAML authentication bypass in AWS Auth Manager
The AWS Auth Manager constructed the SAML Assertion Consumer Service URL using the client-supplied Host header, allowing an attacker to capture valid SAML responses on an attacker-controlled server and replay them against the victim Airflow instance — or reuse tokens across different instances with different access controls. Fixed in apache-airflow-providers-amazon 9.22.0.
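The pattern behind this finding, as an added illustration (not Airflow's or the Amazon provider's code): an ACS URL derived from the request's Host header beside one derived from operator configuration with a host allowlist. The WSGI-style request dicts, the `/saml/acs` path, the base URL and the allowlist are constructed assumptions.

```python
"""SAML ACS URL construction: Host-header-derived (vulnerable) vs configuration-derived (hardened).

Added illustration. Request dicts, ACS path, base URL and allowlist are constructed
assumptions, not the Airflow provider's code.
"""
from urllib.parse import urlsplit, urlunsplit

ACS_PATH = "/saml/acs"  # hypothetical callback path

# Constructed requests in WSGI-environ shape. The second carries a spoofed
# Host header, which any client can send.
LEGIT_REQUEST = {"wsgi.url_scheme": "https", "HTTP_HOST": "airflow.example.com",
                 "PATH_INFO": ACS_PATH}
SPOOFED_REQUEST = {"wsgi.url_scheme": "https", "HTTP_HOST": "attacker.example.net",
                   "PATH_INFO": ACS_PATH}

# Hypothetical operator-set configuration: the only trustworthy source of the
# service's own origin.
CONFIGURED_BASE_URL = "https://airflow.example.com"
ALLOWED_HOSTS = frozenset({"airflow.example.com"})


def vulnerable_acs_url(environ):
    """Builds the AssertionConsumerServiceURL from the client-controlled Host header."""
    return f"{environ['wsgi.url_scheme']}://{environ['HTTP_HOST']}{ACS_PATH}"


def hardened_acs_url(environ, base_url=CONFIGURED_BASE_URL, allowed_hosts=ALLOWED_HOSTS):
    """Derives the URL from configuration and rejects requests whose Host is not ours.

    urlsplit('//' + host).hostname strips the port, handles bracketed IPv6
    literals and lowercases the name before the allowlist check.
    """
    hostname = urlsplit("//" + environ.get("HTTP_HOST", "")).hostname
    if hostname not in allowed_hosts:
        raise ValueError(f"rejected Host header {environ.get('HTTP_HOST')!r}")
    parts = urlsplit(base_url)
    return urlunsplit((parts.scheme, parts.netloc, ACS_PATH, "", ""))


def idp_post_target(acs_url):
    """Host that receives the browser-POSTed SAMLResponse for a given ACS URL.

    When the ACS URL came from the Host header, this is the attacker's server,
    which then holds a valid signed response to replay against the real instance.
    """
    return urlsplit(acs_url).hostname
```

The hardened form never echoes request-derived data into the SAML flow: the ACS URL is taken from configuration, and the Host check only decides whether to serve the request at all.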

Denial of Service via unbounded recursion in replaceEqualDeep
The internal replaceEqualDeep function recursively compared nested objects without any depth limit or cycle detection. A single query update containing an object nested 5,000+ levels deep was enough to exhaust the JavaScript call stack and freeze the UI thread until a page reload. Fixed in @tanstack/query-core 5.90.17 by adding a depth cap of 500.
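The failure mode and the fix, as an added Python illustration of the pattern (not the TanStack Query source): a structural-sharing merge that recurses without a depth limit exhausts the interpreter's call stack on a deeply nested update, while the same merge with a depth cap returns. The 5,000-level input is constructed; the cap of 500 mirrors the figure given above.

```python
"""Depth-capped structural-sharing merge: a Python illustration of the replaceEqualDeep fix.

Added illustration, not library code. Inputs are constructed.
"""

_MISSING = object()  # sentinel for "key absent in prev"


def build_nested(depth):
    """Constructed adversarial input: a dict nested `depth` levels deep."""
    obj = {"leaf": True}
    for _ in range(depth):
        obj = {"child": obj}
    return obj


def replace_equal_deep(prev, new, max_depth=None):
    """Return `prev` when `new` is structurally equal to it, otherwise a new
    container that reuses every unchanged sub-tree of `prev`.

    max_depth=None reproduces the unbounded recursion; with a cap, sub-trees
    below the cap are taken from `new` as-is (sharing is lost, but the merge
    terminates in bounded stack space).
    """
    return _replace(prev, new, 0, max_depth)


def _replace(prev, new, depth, max_depth):
    if prev is new:
        return prev
    if max_depth is not None and depth >= max_depth:
        return new  # stop descending: bounded stack use beats perfect sharing
    if isinstance(prev, dict) and isinstance(new, dict):
        merged = {}
        for key, value in new.items():  # plain loop: no extra comprehension frame per level
            merged[key] = _replace(prev.get(key, _MISSING), value, depth + 1, max_depth)
        if merged.keys() == prev.keys() and all(merged[k] is prev[k] for k in merged):
            return prev
        return merged
    if isinstance(prev, list) and isinstance(new, list):
        merged = []
        for i, value in enumerate(new):
            old = prev[i] if i < len(prev) else _MISSING
            merged.append(_replace(old, value, depth + 1, max_depth))
        if len(merged) == len(prev) and all(m is p for m, p in zip(merged, prev)):
            return prev
        return merged
    # scalars, or mismatched container types: keep the old reference only if equal
    return prev if prev == new else new


def freezes_without_cap(depth=5000):
    """True when the uncapped merge blows the call stack on a `depth`-deep update."""
    prev, new = build_nested(depth), build_nested(depth)
    try:
        replace_equal_deep(prev, new)
    except RecursionError:
        return True
    return False
```

In the browser the equivalent overflow is a thrown RangeError on the UI thread; here CPython's recursion limit raises RecursionError at the same structural point, which is what the uncapped path is expected to hit.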
Business logic bypass reported to Korea Internet & Security Agency
Stored XSS reported to Korea Internet & Security Agency
Insecure Direct Object Reference — Korea Financial Security Institute

Business logic bypass reported via FindtheGap

Business logic bypass reported via FindtheGap

Information disclosure reported via FindtheGap
Awards
2018
Projects
AI-CVE-Scanner with AI API
Android application implementing rooted-device detection techniques and evaluating their bypasses. Published on Google Play Store.
Chrome extension that automates repetitive click actions. Published on Chrome Web Store.
Critical vulnerability implementations (File Upload, Path Traversal, Auth bypass, XSS, CSRF, SQL Injection) with secure-coding reviews for training and bypass practice.
Mobile security bypass research — rooting detection bypass, FLAG_SECURE capture-prevention bypass, PIN login bypass via response tampering, and ProcessBuilder 'su' detection evasion.
8-member team project (Project Manager role). Cloud-based financial application penetration test across three scenarios — asset hijacking, cloud resource takeover, mobile ransomware. Found XSS, SQL Injection, SSRF, and file upload vulnerabilities.
Certifications
- Engineer Information Processing (HRD Korea)