Wonyoung Jung

Email / Blog

Interests

• Fuzzing, Exploitation, Vulnerability Analysis Automation, Software development

Work Experience

Security Researcher @ 78ResearchLab (Mar 2024 - PRESENT)
Seoul, South Korea

• Vulnerability research and N-day exploitation
  
  

Security Researcher @ Diffense (Apr 2020 - Oct 2021)
Seoul, South Korea

• Vulnerability research and N-day exploitation
• Technologies used: Reversing, Source Code Auditing, Fuzzing, etc.
  
  

Education

Korea Advanced Institute of Science and Technology (KAIST) (Mar 2022 - Feb 2024)
Daejeon, South Korea

• M.S in Graduate School of Information Security (GSIS), @ Hacking Lab
  
  

Korea National University of Transportation(KTNU) (Mar 2019 - Feb 2022)
Uiwang, South Korea

• B.S in Computer Science and Engineering
  
  

Projects

IoT Device Vulnerability Research @ Diffense (Mar 2021 - Oct 2021)

• 0-day research on several IoT devices
• Technologies used: Reversing, Source Code Auditing, Python Development, etc.
  
  

PDF Vulnerability Research @ Diffense (Dec 2020 - Mar 2021)

• 0-day research on PDFium, Adobe Reader DC, Foxit PDF Reader
• Technologies used: Fuzzing, Vulnerability Analysis, etc.
  
  

Docker & Kubernetes Vulnerability Research @ Diffense (Jul 2020 - Oct 2020)

• 1-day research on Docker, Kubernetes
• Technologies used: Golang, Python, Docker/Kubernetes, etc.
  
  

Windows Kernel Vulnerability Research @ Diffense (Apr 2020 - Jul 2020)

• 1-day vulnerability research and exploitation on Windows kernel
• Related links: SMBGhost Exploitation
• Technologies used: Vulnerability Analysis, Exploitation, Reversing, etc.
  
  

Portfolio

HITB+ CyberWeek 2020 Speaker (Nov 2020)
Online

• Kernel Exploit with Filesystem Fuzzer
  
  

CodeBlue 2020 Speaker (Oct 2020)
Online

• Kernel Exploit with Filesystem Fuzzer
  
  

Diffense Windows Kernel Exploitation Taining - Trainer (Sep 2020)
Offline

• Windows Kernel Exploitation Techniques
  
  

Best of the Best (BoB) 8th (Jul 2019 - Feb 2020)
Offline

• Vulnerability Analysis Track, Level 3 Competition Training (TOP 40)
• Project: Kernel Exploit with Filesystem Fuzzer (as member), How To Find Container Platform Escape Bug? (as project leader)
  
  

30+ CVEs (- PRESENT)

• Found bugs in JavaScript Engines (V8 and JavaScriptCore), Chromium (PDFium), PDF readers, Linux kernel drivers, etc.