YoungJoo Lee

Software Vulnerability Researcher

Education

• M.S. in Electrical and Computer Engineering 2022.03 - now

  @Seounl National University, @CompSec Lab

• B.S. in Information Security 2019.03 - 2021.09

  @NILE Academic Credit Bank System

Experience

• OtterSec - Contract Auditor (Part Time) 2023.01 - 2023.04
  Finding vulnerabilities in smart contracts

• Exodus intelligence - Browser Research Advocate 2021.12 - 2022.03
  Finding vulnerabilities in modern web browsers.

• Raon Whitehat - Security Researcher 2019.01 - 2021.01
  Finding vulnerabilities and exploit development in Android kernel and browsers.

• Korea University Computer and Communication Security Laboratory - Intern 2018.07 - 2018.09

  Finding vulerabilites with IoTcube in the open source software.

• Best of the Best 6th - Student 2017.07 - 2018.03

  Finding vulnerabilites in the remote desktop software.

Vulnerability Reports

Google Vulnerability Reward Program

1. CVE-2022-2481 : Use-After-Free in Views ($2,000)
2. Issue 1345546 : Use-After-Free in WebUIBubbleDialogView ($3,000)
3. Issue 1348082 : Heap-Buffer-Overflow in TableView ($4,000)
4. Issue 1350711 : Use-After-Free in UserNudgeController ($2,000)
5. Issue 1350743 : Use-After-Free in CaptureModeSessionFocusCycler ($2,000)
6. Issue 1355752 : Use-After-Free in CaptureModeController::CaptureImage ($1,000)
7. CVE-2021-21112 : Use-After-Free in DeflateTransformer ($7,500)
8. CVE-2020-15976 : Use-After-Free in WebXR ($7,500)

Honors and Awards

International

• 2023
  • Finalist, DEFCON CTF 31 (SuperDiceCode)Las Vegas, United States
  • Finalist, Blackhat MEA (WreckTheLine)Riyadh, Saudi arabia
  • AI Track Award, Cyber Mimic CTF (WreckTheLine) ($8,000)Nanjing, China
• 2022
  • 3rd place, DEFCON CTF 30 (StarBugs)Las Vegas, United States
  • Finalist, CodeGate CTF (CodeRed)Seoul, Korea
• 2021
  • 3rd place, TrendMicro CTF (CodeRed) ($1,800)online
  • Finalist, DEFCON CTF 29 (StarBugs)Las Vegas, United States
• 2020 (online)
  • 1st place, SECCON CTF (HangulSarang)
  • 3rd place, TrendMicro CTF (CodeRed) ($1,800)
  • Finalist, DEFCON CTF 28 (quals: CandySweetGuys / final: Star-Bugs)
  • Finalist, 0CTF/TCTF (Heart Breaker)
• 2019
  • 2nd place, SECCON CTF (CodeRed)Tokyo, Japan
  • Finalist, TrendMicro CTF (CodeRed)Tokyo, Japan
  • Finalist, DEFCON CTF 27 (CGC)Las Vegas, United States
  • Finalist, RealWorld CTF (CodeRed)Beijing, China
  • Finalist, CodeGate CTF (CodeRed)Seoul, Korea
• 2018
  • Finalist, DEFCON CTF 26 (C.G.K.S) Las Vegas, United States
  • Finalist, SECCON CTF (CodeRed) Tokyo, Japan
  • 2nd award, CodeGate Junior CTF ($3,000) Seoul, Korea
  • 2nd award, Timisoara CTF (NextLine) Timisoara, Romania
  • 3th award (#15), Samsung CTF ($1,000) Seoul, Korea

Domestic

• 2023
  • 3rd award, HackTheon Sejong 2023 ($10,000)
• 2022
  • 3rd award, Whitehacker Attack Contest 2022 (WACON) ($5,000)
• 2021
  • 1st award, Cyber Conflict Exercise(CCE) ($30,000)
  • 3rd award, WhiteHat Contest Korea ($5,000)
• 2020
  • 2nd award, Cyber Conflict Exercise(CCE) ($10,000)
• 2019
  • 1st award, Gyeonggi-do Information Security Hackathon ($5,000)
  • 1st award, Energy Security Hackathon ($5,000)
• 2018
  • 1st award, Ko-World Hacking Competition ($3,000)
  • 2nd award, Korean Army Hacking Defence Competition
  • 2nd award, Junior Information Security Olympiad ($1,000)
  • 3rd award, Cyber Conflict Exercise(CCE) ($3,000)
• 2016 - 2017
  • 1st award, IoT Security Challenge with IoTcube (MacBook)
  • 2nd award, Smartgrid Security Hackathon Hacking Section ($2,000)
  • 3rd award, Information Security Hackathon ($3,000)