Reverse Engineering
JaeHyuk Lim
Security Engineer & Reverse Engineer
Seoul
Summary
Hello, my name is JaeHyuk Lim, a 27-year-old Security Engineer from South Korea.
My primary areas of interest are Malware Analysis, Threat Analysis, and Reverse Engineering.
Over the past 8 years, I have been actively involved in various domains including automotive ECU security, blockchain threat analysis, and kernel 0-day research.
I have extensive experience in CTF competitions and reverse engineering, and I am particularly interested in analyzing new solutions and frameworks.
Overview
9
9
years of professional experience
32
32
Certifications
3
3
Languages
Work History
Security Engineer
Hyundai & Kia Mobility
2024.01 - Current
Development of LLM-Based Automated Vehicle System Firmware (January 2024 – April 2025)
- Developed utilities for reversing and restoring vehicle system firmware, and built an automated analysis framework.
- Implemented analysis solution and core engine for firmware based on LLM and Python.
- Conducted research on deobfuscation, decryption feasibility, and potential decryption techniques for Python-based firmware.
Vehicle & ECU Security Research (January 2024 – April 2025)
- Researched privilege escalation vulnerabilities in internal ECU control firmware and web-based intrusion methods.
- Analyzed vulnerabilities in ECU firmware and internal communication protocols, including privilege escalation issues.
- Studied vulnerabilities and engine-level flaws in system-internal browser-based components.
- Diagnosed vulnerabilities in external communication service layers, researched external mobile app obfuscation and deobfuscation techniques, and performed reverse engineering on mobile apps.
Web3 Security Engineer & Threat Analyzer
Haechi Labs
2022.08 - 2023.08
Blockchain Threat Analyzer (March 2023 – August 2023)
- Analyzed hacking incidents and breaches on blockchain networks.
- Investigated causes of asset leakage and smart contract attack vulnerabilities in DeFi platforms such as Safemoon and Midas Capital, and conducted PoC research.
Smart Contract & Blockchain 0-Day Researcher (August 2022 – March 2023)
- Performed vulnerability analysis and diagnostics on DeFi and NFT-based smart contracts in blockchain networks.
- Researched and analyzed vulnerabilities in well-known blockchain services such as Marblex and DFX Finance.
- Studied latent vulnerabilities in DeFi and standard protocols such as ERC.
Security Researcher
STEALIEN
2016.07 - 2022.07
LLVM & iOS Security Framework Developer (March 2021 – July 2022)
- Worked as an AppSuit iOS Developer & LLVM Security Framework Engineer.
- Researched and developed iOS security solutions using LLVM (e.g., CFG flattening, resource obfuscation).
- Anti-debugging, rooting detection, and system integrity validation.
Kernel & Browser 0-day & 1-day Researcher (July 2019 – March 2021)
- Conducted vendor analysis and full chain exploit research for kernel, browser, and Bluetooth stack modules.
- Performed 0-day and 1-day exploit research on Android Bluetooth (e.g., Blueroid, BlueZ).
- Researched Android OS Binder IPC privilege escalation vulnerabilities and exploitation techniques.
- Browser engine 0-day and 1-day vulnerabilities and advanced exploitation techniques.
Mobile & Web Pentesting Researcher (July 2017 – July 2019)
- Conducted penetration testing for mobile and web services in the financial sector (e.g., Samsung Card, Woori Card).
- Researched mobile and web service vulnerabilities, including login and authentication bypass.
- Discovered multiple critical vulnerabilities, and analyzed anti-tampering techniques such as Arxan protection on mobile.
Smart Home & IoT Vulnerability Analyst (July 2016 – July 2017)
- Specialized in vulnerability analysis of Smart Home and IoT-based systems.
- Analyzed vulnerabilities in LG Smart Home appliances (e.g., refrigerators, air conditioners) and HackRF-based low-level wireless communications.
Discovered multiple vulnerabilities including session hijacking, XSS, and remote firmware attacks. - Analyzed vulnerabilities in Kakao Mini's voice recognition speaker.
Researched firmware privilege escalation and obfuscation bypass techniques.
Education
Bachelor of Science - Cyber Security & Computer Science
Ajou University
Gyeonggi-do, South Korea 2001.04 -
Associate of Science - Cyber Security & Hacking
Best of The Best
South Korea 2001.04 -
Skills
Security information and event management
Wireless network security
Threat intelligence analysis
Security architecture design
Vulnerability assessment
Digital forensics investigation
Application security
Virtualization security management
Malware analysis and reverse engineering
Operating system hardening
Mobile device security
Secure software development
Incident logging oversight
Penetration testing
Threat analysis
Data security
Continuous improvement
Analytical thinking
Risk mitigation
Reliability
Problem-solving aptitude
Risk assessment
Problem-solving
Problem-solving abilities
Data protection
Accomplishments
In the blockchain field, I still find it quite challenging to fully understand economic-based attacks—such as arbitrage exploits leveraging MEV or vulnerabilities stemming from poorly designed oracle price mechanisms—due to my limited background in economics.
Additionally, in the broader field of traditional information security, I recognize the need to deepen my knowledge in web security.
As a result, my current goal is to thoroughly understand and internalize new types of vulnerabilities—especially those that differ fundamentally from the conventional logic flaws typically found in standard software systems.
Certification
WhiteHat Contest 2015 - 2nd price
Interests
Security Solution Development
Data Analysis
Additional Information
Reverse Engineer · July. 2020 - Now
Super Guesser
- I am a founding member of Super Guesser, a multinational global hacking team with multiple championship titles, including being a DEFCON CTF finalist and winning HITCON CTF.
Within the team, I am involved in topics related to reverse engineering, digital forensics, programming, and system hacking.
Timeline
SUSC 2023 - Speaker
2025-07
Security Engineer
Hyundai & Kia Mobility
2024.01 - Current
Hyundai Mobility Private Seminar - Speaker
2023-07
Security Fest 2023 - 1st price
2023-05
Hacktheon 2023 - Award
2023-05
LINE CTF 2023 - 3rd price
2023-03
Web3 Security Engineer & Threat Analyzer
Haechi Labs
2022.08 - 2023.08
GDSC 2022 - Speaker
2022-07
LINE CTF 2022 - 1st price
2022-03
SECCON CTF 2021 - 1st price
2021-12
Hxp CTF 2021 - 3rd price
2021-12
N1CTF 2021 - 1st price
2021-11
Wooricon 2021 Bug hunting competition - Awards
2021-11
PBCTF 2021 - 2nd price
2021-10
Hack.lu CTF 2021 - 2nd price
2021-10
DEFCON CTF 2021 - Finalist
2021-08
Redpwn CTF 2021 - 1st price
2021-07
CyBRICS CTF 2021 - 1st price
2021-07
UIUCTF 2021 - 1st price
2021-07
S4CTF 2021 - 1st price
2021-04
Zer0pts CTF 2021 - 1st price
2021-03
Securinets CTF Quals 2021 - 1st price
2021-03
Union CTF 2021 - 1st price
2021-02
Aero CTF 2021 - 1st price
2021-02
PBCTF 2020 - 2nd price
2020-12
KipodAfterFree CTF 2020 - 1st price
2020-11
Balsn CTF 2020 - 1st price
2020-11
HITCON CTF 2020 - 1st price
2020-11
CodeGate CTF 2017 University - 1st price
2017-10
CodeGate 2017 Pentest Show-case Contest - Award
2017-10
CCE 2017 Defense Team - 2nd price
2017-10
DEFCON CTF 2017 - Finalist
2017-10
Security Researcher
STEALIEN
2016.07 - 2022.07
WhiteHat Contest 2015 - 2nd price
2015-10
CodeGate 2014 Junior Seminar - Speaker
2014-02
Bachelor of Science - Cyber Security & Computer Science
Ajou University
2001.04 -
Associate of Science - Cyber Security & Hacking
Best of The Best
2001.04 -