Gyuho Lee
Security Researcher • Frontend Developer
github iidxemail [email protected]linkedin Gyuho Lee

About Me

Nick Name

» extr
Interested In

» Cyber Threat Intelligence
» Web Service Development
» Tea & Whisky
CTF & Research Groups
2019- HypwnLab, South Korea
» Nondisclosure 1-day & 0-day Research Group
2015-2017 DCUA, Multinational
» CTF Team (dcua & some Penthackon members)
2014-2015 Penthackon, Multinational
» CTF Team (Penthackon & some WOWHACKER members)
2013- WOWHACKER, South Korea
» Research Group
2012-2013 TeamTMP, South Korea
» CTF Team (4th & factorial)
2011-2012 4th, South Korea
» CTF Team

Experience

Security Service Developer, NCSOFT
Gyeonggi, South Korea
May 2021 - Present
-

» Developing In-house web service
» Developed of automation of operation tasks of security infrastructure and heterogeneous security systems
DFIR Specialist, Plainbit Co., Ltd.
Gyeonggi, South Korea
Aug 2019 - May 2021
1 year 10 months

» Supported DFIR(Digital forensics and incident response) service.
» Analyzed APT accidents and study countermeasures.
Senior Researcher, Culture Makers
Seoul, South Korea
Nov 2018 - Jul 2019
8 months
» Military Service (Skilled industrial Personnel)
» Operated infosec-related competitions and produced educational contents(also infosec).
» Managed v-networks using virtualization products(vSphere) and developed management tools related it.
Security Researcher, SEWorks Inc.
Seoul, South Korea / CA, United States
Feb 2017 - Nov 2018
1 year 10 months
» Military Service (Skilled industrial Personnel)
» Developed automation tools for products operation and management of backend servers.
» Developed modules to analyze malicious APKs.
Software Vulnerability Analyst, WINS Co., LTD.
Gyeonggi, South Korea
Jan 2016 - Jan 2017
1 year
» Vulnerability research and 1-day vulnerabilities analysis on Microsoft products.
» Developed malicious behavior analysis module included in APT attack detection appliance.
» Reviewed appliance bug bounty reports.
Security Researcher, Divine Security
Iksan, Jeollabuk-do
Jan 2015 - Jun 2015
6 months
» Developed modules to analyze malicious APKs.
Security Consultant, *****
Seoul, South Korea
Mar 2013 - Aug 2013
6 months
» Black-box and white-box penetration testing for software and web services.
» G-ISMS and ISMS security consult support for security companies.

Achievement/Awards

Only showing the results of top 3 places and finalists of memorable CTFs,
International
2020 1st place, InterKosen CTF Japan
2020 1st place, Defenit CTF South Korea
2019 1st place, Harekaze CTF Japan
2019 3rd place, DFRWS IoT Forensic Challenge, write-up United States
2018 2nd place, Digital Forensic Challenge 2018 South Korea
2017 2nd place, ASIS CTF Finals Iran
2017 3rd place, Volga CTF Russia
2016 Finalist, TrendMicro CTF Japan
2016 2nd place, EKOPARTY CTF 2016 Argentina
2016 1st place, ASIS CTF Finals Iran
2016 1st place, Volga CTF Russia
2014 Finalist, DEFCON 22 CTF United States
Domestic
2022 Finalist, Cyber Conflict Exercise Daegu, South Korea
2019 Finalist, Cyber Conflict Exercise Busan, South Korea
2015 1st place, 14th HUST Hacking Festival Seoul, South Korea
2015 1st place, Find the Digital Culprit Seoul, South Korea
2015 1st place, Inc0gnito Hacking Competition Seoul, South Korea
2014 3rd place, Find the Digital Culprit Seoul, South Korea
2013 3rd place, Whitehat Contest Seoul, South Korea
2013 3rd place, Find the Digital Culprit Seoul, South Korea
2011 Bronze Prize, Soonchunhyang University 'Y.I.S.F.' Asan, South Korea
2011 Bronze Prize, Tongmyong University 'Information Science Olympiad' Busan, South Korea

Portfolio

Software Vulnerability Reports
CVE-2022-41156 Remote Code Execution, Ondisk Player Agent
CVE-2022-23766 Arbitrary File Execution, BigFile Agent
CVE-2020-7881 Remote Code Execution, AfreecaTV streamer service
CVE-2019-12808 Local Privilege Escalation, ALTOOLS update service
RIDI Bug Bountry Remote Code Execution, Ridibooks Qt Viewer
KVE-2018-1470 Remote Code Execution, Infoleak NDA
KVE-2018-0128 Remote Code Execution, NDA
KVE-2018-0058 Heap Buffer Overflow, NDA
KVE-2017-0226 Remote Code Execution, NDA
KVE-2017-0129 Arbitrary File Read, NDA
CTF Organizer and Challenge Author
2021 Organizer and Challenge author, ACSC
» Challenge write-up: NYONG Coin & BitLocker Artifact
2021 Challenge author, 强网杯全国网络安全挑战赛
2020 Challenge author, PBCTF
» Challenge write-up: Vaccine Stealer
2020 Organizer and Challenge author, Bingo CTF
» Challenge write-up: ISO & Disassembed
2018 Challenge author, Cyber Conflict Exercise & Contest
2015-2016 Organizer and Challenge author, Christmas CTF
2015 Challenge author BoB CTF
2013-2016 Organizer and Challenge author, KAIST and POSTECH Science War (Hacking)
2012-2013 Organizer and Challenge author, Hoseo Information Security Challenge
Presentation
2019 Memory forensics using volatility, Supreme Prosecutors' Office
» SPO training course
2014 WOWHACKER OFFSET open hacking seminar - 1st., WOWHACKER
» Analyze and demonstrate ADD(Attention Deficit Disorder) technology of memory anti-forensics.