Gyuho Lee
DFIR Specialist • Security Researcher
github iidx • email [email protected] • linkedin Gyuho Lee

Experience

Senior Analyst, Plainbit Co., Ltd.
Gyeonggi, South Korea
Aug 2019 - May 2021
1 year 10 months

» Support DFIR (digital forensics and incident response) services.
» Developing DFIR-related tools for the public good.
» Analyze APT incidents and study countermeasures.
Senior Researcher, *****
Seoul, South Korea
Nov 2018 - Jul 2019
8 months
» Military Service (Skilled Industrial Personnel)
» Operated infosec-related competitions and produced educational content (also infosec).
» Managed virtual networks using virtualization products (vSphere) and developed management tools related to them.
Software Engineer, SEWorks Inc.
Seoul, South Korea / CA, United States
Feb 2017 - Nov 2018
1 year 10 months
» Military Service (Skilled Industrial Personnel)
» Developed automation tools for product operation and management of backend servers.
» Developed modules to analyze malicious APKs.
Software Vulnerability Analyst, WINS Co., LTD.
Gyeonggi, South Korea
Jan 2016 - Jan 2017
1 year
» Vulnerability research and 1-day vulnerabilities analysis on Microsoft products.
» Tracking malicious behavior through digital forensics.
» Developed a malicious behavior analysis module included in an APT attack detection appliance.
» Reviewing appliance bug bounty reports.
Security Consultant, *****
Seoul, South Korea
Mar 2013 - Aug 2013
6 months
» Black-box and white-box penetration testing for software and web services.
» G-ISMS and ISMS security consulting support for security companies.

Achievement/Awards

Only showing top-3 placements and finalist results from memorable CTFs.
International
2020 1st place, InterKosen CTF Japan
2020 1st place, Defenit CTF South Korea
2019 1st place, Harekaze CTF Japan
2019 3rd place, DFRWS IoT Forensic Challenge, write-up United States
2018 2nd place, Digital Forensic Challenge 2018 South Korea
2017 2nd place, ASIS CTF Finals Iran
2017 3rd place, Volga CTF Russia
2016 Finalist, TrendMicro CTF Japan
2016 2nd place, EKOPARTY CTF 2016 Argentina
2016 1st place, ASIS CTF Finals Iran
2016 1st place, Volga CTF Russia
2014 Finalist, DEFCON 22 CTF United States
Domestic
2019 Finalist, Cyber Conflict Exercise Busan, South Korea
2015 1st place, 14th HUST Hacking Festival Seoul, South Korea
2015 1st place, Find the Digital Culprit Seoul, South Korea
2015 1st place, Inc0gnito Hacking Competition Seoul, South Korea
2014 3rd place, Find the Digital Culprit Seoul, South Korea
2013 3rd place, Whitehat Contest Seoul, South Korea
2013 3rd place, Find the Digital Culprit Seoul, South Korea
2011 Bronze Prize, Soonchunhyang University 'Y.I.S.F.' Asan, South Korea
2011 Bronze Prize, Tongmyong University 'Information Science Olympiad' Busan, South Korea

Portfolio

Software Vulnerability Reports
KVE-2021-???? Local Privilege Escalation, NDA
KVE-2020-0730 Remote Code Execution, NDA
CVE-2019-12808 Local Privilege Escalation, ALTOOLS update service
RIDI Bug Bounty Remote Code Execution, Ridibooks Qt Viewer
KVE-2018-1470 Remote Code Execution, Infoleak NDA
KVE-2018-0128 Remote Code Execution, NDA
KVE-2018-0058 Heap Buffer Overflow, NDA
KVE-2017-0226 Remote Code Execution, NDA
KVE-2017-0129 Arbitrary File Read, NDA
CTF Organizer and Security Challenge Author
2020 Challenge author, PBCTF
» Challenge write-up: Vaccine Stealer
2020 Organizer and Challenge author, Bingo CTF
» Challenge write-up: ISO and Disassembed
2018 Challenge author, Cyber Conflict Exercise & Contest
2015-2016 Organizer and Challenge author, Christmas CTF
2015 Challenge author, BoB CTF
2013-2016 Organizer and Challenge author, KAIST and POSTECH Science War (Hacking)
2012-2013 Organizer and Challenge author, Hoseo Information Security Challenge
Presentation
2019 Memory forensics using volatility, Supreme Prosecutors' Office
» SPO training course
2014 WOWHACKER OFFSET open hacking seminar - 1st., WOWHACKER
» Analyzed and demonstrated ADD (Attention Deficit Disorder), a memory anti-forensics technique.

Stub

Interested In

» Cyber Threat Intelligence
» Digital Forensics
» Tea & Whisky
CTF & Research Groups
2019- HypwnLab, South Korea
» Nondisclosure 1-day & 0-day Research Group
2015-2017 DCUA, Multinational
» CTF Team (dcua & some Penthackon members)
2014-2015 Penthackon, Multinational
» CTF Team (Penthackon & some WOWHACKER members)
2013- WOWHACKER, South Korea
» Research Group
2012-2013 TeamTMP, South Korea
» CTF Team (4th & factorial)
2011-2012 4th, South Korea
» CTF Team