Author Image

Hi, I am Phantomn

Phantomn

Security Engineer at CoreSecurity

저는 사이버 보안 자동화 및 AI 시스템 설계 분야에서 경험이 풍부한 열정적인 취약점 연구원 겸 개발자입니다. 임베디드 시스템(예: PLC, HMI)을 위한 오픈소스 도구와 퍼저를 개발했으며, IEC 62443-4-2 표준에 부합하도록 설계했습니다. 또한 n8n을 활용한 자동화 워크플로우를 설계하고 맞춤형 RAG 파이프라인을 구축합니다. 때로는 난독화된 스크립트 역공학이나 구조화된 지식 시스템 구축과 같은 재미있는 프로젝트에도 참여합니다.

Leadership
Team Work
Hard Working

Skills

Python
Python

  • Advanced scripting & automation (Fabric, Invoke, Ansible)
  • Data analysis
  • Security tooling & PoC 작성 (pwntools, angr, scapy)

C/C++

  • Low-level 개발: ARM Cortex-A9(Zynq)·x86 Bare-metal
  • Linux kernel module·Device Driver 패치 및 빌드
  • QEMU device emulation, u-boot/BusyBox 포팅
  • Exploit development(ROP, ret2libc, Stack-pivot)
  • Static 분석을 위한 LLVM Pass 작성

Docker
Docker

  • 멀티-스테이지 빌드 & BuildKit 최적화
  • docker-compose.yml + .env 관리, secret mount
  • WSL2 연동, DinD CI ( GitHub Actions / GitLab Runner )
  • 이미지 경량화(Alpine, distroless) 및 SBOM 생성 (Syft)
  • Container Security Scan(Trivy, Snyk) 자동화

Linux

  • Distro: Debian/Ubuntu, Arch, Yocto-based Embedded
  • Cross-compile toolchain(GLIBC 2.17, musl) & BusyBox custom
  • Kernel debugging(ftrace, kprobes, eBPF) · System hardening(SELinux, AppArmor)
  • Network stack 튜닝( tc, iptables/nftables, WireGuard )
  • Shell & Automation(Bash, Zsh, tmux, systemd-unit 작성)

Reverse Engineering

  • Tools: IDA Pro, Ghidra, Binary Ninja, Radare2, Cutter
  • Static/Dynamic Analysis, ELF/PE symbol recovery, FLIRT signature 제작
  • Lua/Python bytecode deobfuscation(Luadec patches, pyobfuscate bypass)
  • Firmware carving, DTS/DTC 수정, U-Boot 분석
  • Frida/GDB/QEMU User-mode로 Syscall Tracing, API Hooking

Vulnerability Research

  • Coverage-guided Fuzzer(libFuzzer + AFL++, Honggfuzz) 구현
  • PLC/ICS Protocol( Modbus-TCP, LS GLOFA ) 변이 엔진 설계
  • Privilege Escalation(LPE, SUDO,CVE-2024-xxxx) PoC 및 Mitigation
  • IEC 62443-4-2 SL1/SL2 시험 자동화 도구 + Triage Dashboard(Vue + Supabase)
  • CVE & Advisory 작성 / 사내 CERT 연계 Disclosure 경험

PostgreSQL & Supabase

  • Schema design & Row-Level Security(RLS) 정책 작성
  • Vector Store(pgvector) + RAG 챗봇 검색 최적화
  • Logical Replication & Partitioning( time-series )
  • Supabase Auth/Storage edge-function ( Deno ) 작성
  • 자동화 파이프라인(SQL migrations, psql scripts, cron triggers)

LLM Automation (OpenAI, Gemini, Claude)

  • Multi-agent A2A Framework 설계(n8n prompt-ops, structured output)
  • Retrieval-Augmented Generation(RAG) with Supabase / pgvector
  • Function calling, JSON-schema tool dev, streaming UI( React + SSE )
  • Prompt engineering for cybersecurity use-cases( log analysis, exploit summary )
  • Cost optimization( batching, compression, cache ) + Model benchmarking

Experiences

1
CoreSecurity

2021년 6월 -

South Korea

OT/ICS 및 IoT 보안 전문 기업으로 다양한 스마트 인프라 환경의 취약점 분석 및 대응 기술을 개발합니다.

Vulnerability Researcher

2021년 6월 -

  • IoT 스마트 빌딩 환경 내 임베디드 장치의 N-day Exploitation 수행
  • 스마트 빌딩 IoT 장비의 취약점 탐지 기술 개발
  • 라우터, NAS, CCTV 대상 Exploit 및 정보수집 도구 개발
  • OT/ICS 환경에서의 사고 시나리오 개발 및 현장 모의침투 테스트 수행
  • 산업제어시스템 보안 표준인 IEC 62443 분석
  • 다양한 기업 대상 현장 침투 테스트 다수 수행
A3Security

2020년 6월 - 2021년 6월

South Korea

A3Security는 정보보호 전문업체로 모의해킹을 수행했습니다.

웹/앱 모의해킹

2020년 6월 - 2021년 6월

  • 금융권 포함 총 12개 사이트의 웹/모바일 모의침투 테스트 수행
2

Education

Kongju University
2012-2024
Bachelor of Science in Computer Science

Projects

CCDCOE Locked Shields 2025 6th
CCDCOE Locked Shields 2025 6th
Blue Team Member Apr 2025

세계 최대 규모의 실시간 사이버 방어 훈련에 한국-캐나다 연합팀의 일원으로 참가하여 6위를 달성했으며, 수천 개의 모의 공격으로부터 국가 IT 시스템과 핵심 기반 시설을 방어했습니다.

research cyber-exercise blue-team DFIR 2025
Achilles Level 2 Certification & Testing
Lead Security Consultant Jul 2024 - Mar 2025

Executed Achilles Level 2 certification tests for OT devices, validating protocol robustness and compliance.

consulting certification ot 2025
Medical Device Security Certification Consulting
Principal Consultant Jun 2024 - Mar 2025

Provided end-to-end cyber-safety consulting for medical devices, including threat modeling and regulatory documentation.

consulting medical certification 2025
Medical Device FDA Security Consulting
Security Consultant Mar 2024 - Dec 2024

Assisted manufacturers in meeting FDA cyber-security guidance for connected medical devices.

consulting medical fda 2024
Smart Ship Infrastructure Vulnerability Analysis & Security Tech Development
OT/ICS Researcher Jul 2024 - Nov 2024

Performed vulnerability analysis of maritime OT networks and developed tailored defensive technologies.

research ot maritime 2024
HW Supply-Chain Security & Chip Integrity Verification Tech Development
Research Engineer Jun 2024 - Dec 2024

Researched side-channel and invasive analysis techniques to verify semiconductor integrity across the supply chain.

research hardware security 2024
Cloud-based Cyber Training Ground Construction & K-SDL Development
Technical Lead Jun 2024 - Dec 2024

Built a scalable cloud cyber-range and developed the Korean Secure Development Lifecycle (K-SDL) curriculum.

development cloud training devsecops 2024
IoT Embedded Device Bug Hunting (5 CVEs)
Vulnerability Researcher Apr 2024 - May 2024

Discovered and responsibly disclosed 5 CVEs in commercial IoT devices through protocol fuzzing.

research fuzzing iot cve 2024
LS Electric Threat Modeling Consulting for Automation Equipment
Threat Modeling Lead Mar 2023 - Nov 2023

Developed STRIDE-based threat models and mitigation matrices for PLC & HMI product lines.

consulting threat-modeling ot 2023
IoT Incident Investigation Tool Development
Software Engineer Aug 2022 - Dec 2022

Built a Python-based toolkit to acquire, parse, and analyze artefacts from compromised IoT devices.

development forensics python iot 2022
Smart Building IoT Device Vulnerability Detection Tech Development (2nd Year)
Lead Researcher Jan 2022 - Oct 2022

Enhanced ML-driven fingerprinting and anomaly detection engines for smart-building IoT networks.

research iot smart-building 2022
KEPCO Practical Cyber-Security Training System Enhancement
OT Security Engineer Jun 2021 - Mar 2025

Upgraded an ICS cyber-range for KEPCO, adding realistic attack/defense scenarios and automated scoring.

development ot training kepco 2021
C2021 Event Hosting
Organizer May 2021 - Dec 2021

Planned and hosted Korea’s premier convergence-security conference, featuring live CTF and workshops.

community 2021
SBI Savings Bank Digital Platform & Open Banking Security Review
Pentester Mar 2021 - May 2021

Conducted web/mobile pentesting and secure-coding review for the bank’s open-banking APIs.

consulting pentest finance web mobile 2021
HKMC Business System Continuous Penetration Testing
Pentester Jan 2021 - Feb 2021

Delivered continuous penetration testing service for HKMC’s enterprise systems.

consulting pentest enterprise 2021
KOFIA Electronic-Finance Infra Vulnerability Assessment
Security Analyst Nov 2020 - Dec 2020

Performed network, web, and mobile assessments across critical trading infrastructure.

consulting pentest finance 2020
KT Giga Genie Terminal Penetration Testing
IoT Pentester Oct 2020

Identified firmware and API vulnerabilities in smart-speaker terminals.

consulting pentest iot 2020
KTH Daekyo Integrated Education Platform Penetration Testing
Web Pentester Sep 2020

Assessed authentication and business-logic flaws in an ed-tech SaaS platform.

consulting pentest web education 2020
UNTAC Security Review & Penetration Testing
Security Consultant Jul 2020 - Sep 2020

Provided holistic security assessment for UN Technology & Communication Agency infrastructure.

consulting pentest 2020
Finding Vulnerabilities Using CodeQL (Stealien Security Leader 1st)
Research Trainee Sep 2020 - Dec 2020

Automated static-analysis queries to uncover zero-days with GitHub CodeQL.

research codeql static-analysis 2020
Kernel Exploit with FileSystem Fuzzer (16 CVEs)
Lead Fuzzer Jul 2019 - Mar 2020

Developed a coverage-guided filesystem-driver fuzzer for Linux kernel; disclosed 16 CVE-class vulnerabilities.

research fuzzing kernel cve 2019
KNU Notification Crawler Development
Full-Stack Developer Sep 2019 - Nov 2019

Created a crawler and web dashboard to aggregate university notices in real-time.

development web crawler 2019
Keyword-Based News Crawler Development
Developer Jul 2018

Built a Python crawler that delivers keyword-filtered news via chatbot notifications.

development python crawler 2018

Featured Posts

Recent Posts

Achievements

16 CVEs about Kernel Exploit with FileSystem Fuzzer Best of the Best 8th (Jul 2019 ~ Mar 2020)

5 CVEs about IoT Embedded Device Bug Hunting Coresecurity (Apr 2024 ~ May 2024)

Achilles Level 2 Certification & Testing (Jul 2024 ~ Mar 2025)