GitHub - ch4n3-yoon/ch4n3-yoon

PROFILE

Seokchan Yoon (@ch4n3.yoon)
ch4n3.yoon@gmail.com
A CTF player of STEALIEN and Aleph Infinite
Web Security Researcher @ STEALIEN (2020.07. ~ 2023.06.)

ACHIEVEMENT/AWARDS

Finalist, CODEGATE 2023 UNIVERSITY (team: 경희대미남해커들)
Finalist, CODEGATE 2022 UNIVERSITY (team: 경희대미남해커들)
Finalist (2nd, 국가보안연구소장상), 2022 사이버공격방어대회(CCE) 공공부문 Quals (team: resilience)
Finalist (2nd, 국가보안연구소장상), 2021 사이버공격방어대회(CCE) 공공부문 Quals (team: resilience)
3rd, 2020 Kyunghee University Hackathon (team 1등못하면동반입대)
Finalist (2nd, 사이버작전사령관상), 2019 사이버작전경연대회 학생부 (team 윤석찬TV구독과좋아요알림설정까지)
개인전 최우수상 (1st, 서울여대 총장상), 2018 제 4회 정보보안경진대회 개인예선
단체전 최우수상 (1st, 교육부 장관상), 2018 제 4회 정보보안경진대회 단체본선 (team 문시우1인팀)
Finalist (18th), CODEGATE 2018 JUNIOR
2nd, 2018 제 3회 전국청소년모의해킹대회
3rd, 2018 제 16회 SMARTEEN APP CLUB AppJam Hackathon
단체전 최우수상 (1st, 한국교육학술정보원장상), 2017 제 3회 정보보안경진대회 단체본선 (team 4-day exploit)
우수상(2nd), 2017 KMU(국민대학교) X UBUNTU 1st CTF

BUG BOUNTIES

NAVER

NBB-1126, Stored XSS
NBB-1143, SQL Injection
NBB-1260, Stored XSS
NBB-2315, Reflected XSS
NBB-2316, Reflected XSS
NBB-2314, Reflected XSS

Django

CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator
CVE-2024-24680: Potential denial-of-service in intcomma template filter
CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()

MEDIA / PRESENTATION

2020

KBS <청년일자리프로젝트 사장님이 美쳤어요> 사내 최연소 연구원으로 출연
- https://vod.kbs.co.kr/index.html?source=episode&sname=vod&stype=vod&program_code=T2016-0639&program_id=PS-2020170106-01-000&section_code=05&broadcast_complete_yn=&local_station_code=00

2021

사람인 기업스토리 <스틸리언> 편 출연
- https://www.saramin.co.kr/zf_user/guide/movie/fun-view?page=7&keyword=&category=&sort=&seq=433&count=10
유튜브 ‘인싸담당자’ 채널 <스틸리언> 편 출연
- https://www.youtube.com/watch?v=ueslFj2Dbgc

2022

<모던 웹 서비스에서의 버그케이스와 시큐어코딩> (@STEALIEN Security Semiar; 3S)
- For English Reader, <Bug Cases and Secure Coding Techniques, in Modern Web Services>
- Related Press Releases (Kor): https://www.boannews.com/media/view.asp?idx=107983&kind=
- Replay: https://www.youtube.com/watch?v=6YgSTZ9i7Vk

2023

<Django 1-day Vulnerability Analysis> (@HackingCamp 26th 🇰🇷)
- I analyzed and shared disclosed vulnerabilities with high severity to Django Project, 2022
- Reference: http://hackingcamp.org/
<Django Framework N-day Vulnerability Analysis & Secure Coding Guide> (@CODEGATE 2023 🇰🇷)
- I issued some insecure usages in django with analyzing 1-day vulnerabilities and gave secure coding guide
- Reference: https://codegate.org/sub/conference

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

Repository files navigation

PROFILE

ACHIEVEMENT/AWARDS

BUG BOUNTIES

NAVER

Django

MEDIA / PRESENTATION

2020

2021

2022

2023

About

Releases

Packages

ch4n3-yoon/ch4n3-yoon

Folders and files

Latest commit

History

README.md

README.md

Repository files navigation

PROFILE

ACHIEVEMENT/AWARDS

BUG BOUNTIES

NAVER

Django

MEDIA / PRESENTATION

2020

2021

2022

2023

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages