Gyuho Lee
DFIR Specialist • Security Researcher
github iidxemail [email protected]PGP›   linkedin Gyuho Lee


Senior Analyst, Plainbit Co., Ltd.
Gyeonggi, South Korea
Aug 2019 - PRESENT

» Support DFIR(Digital forensics and incident response) service.
» Developing DFIR-related tools for the public good.
» Analyze APT accidents and study countermeasures.
Senior Researcher, *****
Seoul, South Korea
Nov 2018 - Jul 2019
8 months
» Military Service (Skilled industrial Personnel)
» Operated infosec-related competitions and produced educational contents(also infosec).
» Managed virtual networks using virtualization products(vSphere) and developed management tools related it.
Software Engineer, SEWorks Inc.
Seoul, South Korea
Feb 2017 - Nov 2018
1 year 10 months
» Military Service (Skilled industrial Personnel)
» Developed automation tools for products operation and management of backend servers.
» Developed modules to analyze malicious APKs.
Software Vulnerability Analyst, WINS Co., LTD.
Gyeonggi, South Korea
Jan 2016 - Jan 2017
1 year
» Vulnerability research and 1-day vulnerabilities analysis on Microsoft products.
» Tracking malicious behavior through digital forensics.
» Developed malicious behavior analysis module included in APT attack detection appliance.
» Reviewing appliance bug bounty reports.
Back-end Developer, Divine Security
Seoul, South Korea
Jan 2015 - Jun 2015
6 months
» Developed static analysis module to detect malicious APKs.
Pentester, *****
Seoul, South Korea
Mar 2013 - Aug 2013
6 months
» Black-box and white-box penetration testing for software and web services.
» G-ISMS and ISMS security consulting support for security companies.


Only showing the results of top 3 places and finalists of memorable CTFs,
2020 1st place, InterKosen CTF Japan
2020 1st place, Defenit CTF South Korea
2019 1st place, Harekaze CTF Japan
2019 3rd place, DFRWS IoT Forensic Challenge, write-up United States
2018 2nd place, Digital Forensic Challenge 2018 South Korea
2017 2nd place, ASIS CTF Finals Iran
2017 3rd place, Volga CTF Russia
2016 Finalist, TrendMicro CTF Japan
2016 2nd place, EKOPARTY CTF 2016 Argentina
2016 1st place, ASIS CTF Finals Iran
2016 1st place, Volga CTF Russia
2014 Finalist, DEFCON 22 CTF United States
2019 Finalist, Cyber Conflict Exercise Busan, South Korea
2015 1st place, 14th HUST Hacking Festival Seoul, South Korea
2015 1st place, Find the Digital Culprit Seoul, South Korea
2015 1st place, Inc0gnito Hacking Competition Seoul, South Korea
2014 3rd place, Find the Digital Culprit Seoul, South Korea
2013 3rd place, Whitehat Contest Seoul, South Korea
2013 3rd place, Find the Digital Culprit Seoul, South Korea
2011 Bronze Prize, Soonchunhyang University 'Y.I.S.F.' Asan, South Korea
2011 Bronze Prize, Tongmyong University 'Information Science Olympiad' Busan, South Korea


Software Vulnerability Reports
KVE-2020-0730 Remote Code Execution, NDA
CVE-2019-12808 Local Privilege Escalation, ALTOOLS update service
RIDI Bug Bountry Remote Code Execution, Ridibooks Qt Viewer
KVE-2018-1470 Remote Code Execution, Infoleak NDA
KVE-2018-0128 Remote Code Execution, NDA
KVE-2018-0058 Heap Buffer Overflow, NDA
KVE-2017-0226 Remote Code Execution, NDA
KVE-2017-0129 Arbitrary File Read, NDA
CTF Organizer and Security Challenge Author 2012 - PRESENT
2020 Challenge author, PBCTF
» Challenge write-up: Vaccine Stealer
2020 Organizer and Challenge author, Bingo CTF
» Challenge write-up: ISO and Disassembed
2018 Challenge author, Cyber Conflict Exercise & Contest
2015-2016 Organizer and Challenge author, Christmas CTF
2015 Challenge author BoB CTF
2013-2016 Organizer and Challenge author, KAIST and POSTECH Science War (Hacking)
2012-2013 Organizer and Challenge author, Hoseo Information Security Challenge
Seminar June 2014
Talked on WOWHACKER OFFSET open hacking seminar - 1st. Seoul, Korea

» a.k.a. Anti-Forensics: Attention Deficit Disorder.
» Analyze and demonstrate ADD technology to demonstrate memory anti-forensics.