Harold Kim
Backend Developer • Security Researcher
| Security Engineer, Flatt Security Inc. Tokyo, Japan |
May 2020 - PRESENT 1y 8 months |
|
» Finding vulnerabilities in client's softwares and websites.
» 0day research, pentests, etc. |
|
| Security Engineer, LINE Corporation Tokyo, Japan |
Feb 2019 - Apr 2020 1y 3 months |
|
» Mainly focused on finding vulnerabilities in LINE and its affiliates' products.
» Developed automated security analysis tools and tools for detecting potential risks. » Security consulting, Reviewing bugbounty reports, recruitment support, etc. |
|
| Security Researcher, SEWorks Inc. Seoul, South Korea |
June 2014 - Nov 2018 4y 5 months |
|
» Focused mainly on core server management and backend service development.
» Developed core products, including product maintanence. (Used python, GoLang+Redis, PHP, Java, etc.) » Frequently performed vulnerability checks and penetration tests on flagship products. » Focused on security researches for future developments. |
|
| Signaller, ROK Army Paju, South Korea |
Nov 2016 - Aug 2018 1y 8 months |
|
» Discharged as Sergeant. Received many awards while working in the army.
» Maintained internal systems, managed and monitored security firewalls. » Developed an application which automatically checks security status and prints out the report on every boot. » Developed a pentest software to increase awareness on side-effects of using smartphones in the army. |
|
| Undergraduate Student, University of Toronto | Sept. 2014 - June 2015 9 months |
| » Currently studying as an undergraduate, and is going to acquire a Bachelor’s degree at some point.
» Currently on a long leave for jobs. |
|
| International Baccalaureate Diploma | Sept. 2012 - June 2014 1y 9 months |
|
» Acquired International Baccalaureate Diploma for Secondary School.
» Studied in India |
|
| International | ||
| 2021 | 2nd place, N1CTF 2021 | Online |
| 2021 | Finalist, DEFCON 29 CTF | Online |
| 2021 | 2nd place, LINE CTF | Online |
| 2019 | 1st place, Hack.lu CTF | Germany |
| 2019 | 1st place, Harekaze CTF | Japan |
| 2019 | Finalist, DEFCON 27 CTF | United States |
| 2019 | 1st place, 0CTF 2019 | China |
| 2018 | Finalist, Real World CTF 2018 | China |
| 2017 | Finalist, CodeGate CTF 2017 | South Korea |
| 2016 | 2nd place, EKOPARTY CTF 2016 | Argentina |
| 2016 | 2nd place, Silk Road CTF 2016 | China |
| 2016 | 1st place, ASIS CTF 2016 Finals | Iran |
| 2016 | 1st place, C4CTF 2016 | Saudi Arabia |
| 2016 | 1st place, TU CTF 2016 | United States |
| 2016 | 1st place, Sharif University CTF | Iran |
| 2016 | 2nd place, Internetwache CTF | Germany |
| 2016 | Finalist, PHDays 2016 | Russia |
| 2015 | 1st place, Hack Zone Tunisia 2015 | Tunisia |
| 2015 | 1st place, Break In 2015 | India |
| 2015 | Finalist, CSAW CTF 15 | United States |
| 2014 | Finalist, CSAW CTF 14 | United States |
| 2014 | Finalist, DEFCON 22 CTF | United States |
| 2014 | 2nd place. Olympic Sochi CTF 2015 | Russia |
| Domestic | ||
| 2019 | 1st place, Cyber Operations Challenge (Whitehat Contest) | Seoul, South Korea |
| 2018 | 1st place, Korean Army Hacking Defense Contest | Daejeon, South Korea |
| 2015 | 1st place, 14th HUST Hacking Festival | Seoul, South Korea |
| 2015 | 1st place, 2015 Inc0gnito Hacking Competition | Seoul, South Korea |
| CTF Organizer and Security Challenge Author | 2014 - PRESENT | ||||||||
|
|||||||||
| Stereotyped Challenges | Oct. 2014 - PRESENT 7y 3 months |
|
» Operating and developing a website consisting of extremely technical offensive security challenges. » Most of challenges are solely developed and tested by me. all challenges are sandboxed seperately. » Sourcecode of the website is currently available on //github.com/stypr/chall.stypr.com |
|
| Web Fuzzer Development and its Utilization | June 2014 |
|
Talked on WOWHACKER 2nd Seminar. Seoul, Korea
» a.k.a. Introduction to web fuzzer development. » Demonstrated the process of web fuzzer development and its utilization, including the practical usage of fuzzers and its utilizations. |
|
| Apparatus and method for managing apk file in a android platform | May 2016 |
|
Patent ID: KR101623096B1, 5 inventors
» The present invention provides an apparatus for managing APK file in an android platform configured to prevent an executable file in an APK file from being analyzed through reverse engineering and decompilation in advance |
|
| Language | PHP (Native), Python (Native), SQL (Native), VB (Mediocre), C (Mediocre), Go (Mediocre), Java (Mediocre), ASM (Beginner) |
| Korean (Native), English (Native), Mandarin (Beginner), Japanese (Beginner) | |
| Softwares | WireShark, Chrome/Firefox devtools, WireShark, Hex-rays, My Own Fuzzer, x64dbg, NetCat, Fiddler |
| HeidiSQL, HxD, Git, VMWare, qemu, ESXi, etc. |
