Kiyong Sim
Vulnerability Researcher
github tonix0114linkedin tonix0114email tonix0114@gmail.com

Experience

Vulnerability Research Team Lead, Hayyim Security
Seoul, South Korea
Feb. 2017 - PRESENT
7y 9 months
» Research N-day and 0-day exploits for Windows-based applications
» Creating and delivering vulnerability analysis training materials for internal and external use
» Developing and operating infrastructure such as internal network servers

Vulnerability Reports

KISA Security Bugbounty Program
KVE-2023-5676 [NDA], Remote Code Execution CWE-122
KVE-2023-5602 [NDA], Local Privilege Escalation CWE-94
KVE-2023-0260 [NDA], Arbitrary File Download CWE-23
KVE-2023-0018 [NDA], Local Privilege Escalation CWE-121
KVE-2022-???? [NDA], Local Privilege Escalation CWE-59
KVE-2022-1893 INNORIX Agent, Remote Code Execution CWE-434
KVE-2022-0246 AfreecaTV Streamer Service, Remote Code Execution CWE-122
CVE-2022-23764 Teruten Webcube, Remote Code Execution CWE-346
KVE-2021-0943 [NDA], Remote Code Execution CWE-346
KVE-2021-0942 [NDA], Local Privilege Escalation CWE-732
KVE-2018-0200 Kakaotalk, Remote Denial-of-Service CWE-476
Vendor
MIB-2022 Web Streaming Service Payment Bypass CWE-639
CVE-2018-1000852 FreeRDP , Information Disclosure CWE-126
NBB-1400 Naver Antivirus , Local Privilege Escalation CWE-732
LG-2016-002 LG Roboking Vacuum & Smart Thunq Hub , Remote Code Execution CWE-78
Private
Experience in finding vulnerabilities in Antivirus, Office, Player, Remote Desktop, Web Server, OS Kernel, Virtual Machine

CTF Achievment

Player
2024 4th Hack The Drone 하입보잉원
2024 Finalist DEF CON CTF Cold Fusion
2024 Finalist Cyber Conflict Exercise 해사모
2024 Finalist HITCON CTF Cold Fusion
2024 Finalist Dreamhack Invitational tonix0114
2023 2nd KISA Bug Bounty Hall of Fame tonix0114
2023 Finalist HITCON CTF 프로그램털모찌
2022 Finisher Flare-On 9 Challenge tonix0114
2022 Finalist Cyber Conflict Exercise iamroot
2022 Finalist WACON Haim
2021 Finisher Flare-On 8 Challenge tonix0114
2021 2nd Incognito CTF tonix0114
2021 3rd Cyber Conflict Exercise Haim
2021 Finalist Whitehat Contest Haim
2021 2nd Pwn2Win uuunderflow
2020 Finisher Flare-On 7 Challenge tonix0114
2020 1st Digital Forensic Challenge noname
2020 1st HM CTF 1등
2020 2nd Hackceler8, Google CTF I use Bing
2020 2nd KDMHS TRUST CTF tonix0114
2020 4th Christmas CTF Haim
2020 Finalist Cyber Conflict Exercise Haim
2019 1st Digital Forensic Challenge noname
2019 3rd Holy Shield Hacking Festival ●▅▇█▇▅▄▄▌
2019 Finalist Cyber Operations Challenge $wag
2019 3rd DVP Global Blockchain Security $wag
2018 2nd Digital Forensic Challenge foreng2
2018 Bronze Prize Samsung SCTF tonix0114
2018 Finalist Cyber Conflict Exercise $wag
2018 1st Korea Polytechnics University 'ko-world' $wag
2018 1st Design Thinking hackathon 새싹육회비빔밥
2017 1st BISC Forensic Challenge tonix0114
2017 1st H4C CTF tonix0114
2017 1st DoubleS 1405 CTF tonix0114
2017 Finalist Samsung SCTF tonix0114
2016 Finalist ASIS CTF LeaveCat
2016 Certificate LG Electronics Security Vulnerability Detection Julmini
2016 Bronze Prize KDMHS CTF tonix0114
2016 Finalist Codegate Jounior tonix0114
2016 2nd BISC Forensic Challenge tonix0114
2016 Finalist Whitehat Contest Junior 체고의플레이
2015 Finalist Codegate Jounior tonix0114
2015 3rd DoubleS1405 CTF tonix0114
2015 Silver Prize Middle and High School Student Information Protection Olympiad tonix0114
2015 Finalist Whitehat Contest Junior Shigatsu
2014 Finalist Youth Information Security Festival (YISF) tonix0114
Organizer
2022 Hayyim CTF
2017 Christmas CTF
2017 POSTECH-KAIST Science War CTF
2017 Hacking Camp CTF
2017 Secuinside CTF
2016 Layer7 CTF
2015 Layer7 CTF

Activities

Presentation
2023 Joongbu University CCIT Basic Reversing & Fuzzing
2018 DFC Workshop Digital forensics challenge - Artifacts
2017 AVTokyo Is your house safe (Robot Vacuum & SmartHub)?
Education
2023 Project Leader Whitehat School - Windows Software Bughunting Project
2016 Digital Forensics Track Student KITRI Best of the Best 5 - Top 30