Geonwoo Jeong

a.k.a Plain
Security Researcher / CTF Player Web2 Security / LLM

Focused on web security and LLM research. Currently working at Stealien while attending Sunrin Internet High School. Also leading the research team RewriteLab and competing with CTF teams such as hypersonic and infobahn.

Capabilities
Web penetration testing, whitebox auditing
Web front-end/back-end development
EVM smart contract auditing
SVM smart contract auditing
CTF challenge creation
LLM agent development
Experience

Stealien

2026.02 - Present

A South Korea-based offensive cybersecurity company.

Conducting security research focused on LLM systems.

HSPACE

2025.02 - Present
Hacking Team

Active in hypersonic and knights as part of the Hacking Team.

Blockchain Valley

2024.08 - 2025.08
Security Team Co-Leader

A Korea University academic society focused on studying and researching smart contract security.

Selected Work

Penetration Testing : Korean Mobile Telecommunications Service

Stealien

Performed internal web penetration testing for a Korean mobile telecommunications service.

Penetration Testing : Korean Banking Service

Stealien

Conducted internal web penetration testing for a Korean banking service.

Research Project : StarGate

Security Research

Conducted vulnerability analysis of Synology devices, reviewing the attack surface and identifying security weaknesses in the platform.

Wargame Project : Damn Vulnerable Web

RewriteLab

Served as PM for a specialized web hacking wargame platform composed of high-difficulty challenges.

Affiliations
Research Team

RewriteLab

Founder & Operator.
An international research team focused on web security.

Current CTF Teams

hypersonic / infobahn

Member.
Competing in CTF across web2 and web3 categories.

Former Team

idek / FMC

Former member.
Focused primarily on solving web challenges there.

Selected Achievements
3rd
SECCON CTF International Division / team Pochita
2026
1st
TSG CTF / team Pochita
2025
1st
Midnight Flag CTF Final / team hypersonic
2025
1st
Whitehat Contest CTF Final / team 꼬키오
2025
2nd
Cyber Conflict Exercise Final / team 꼬키오
2025
6th
Blackhat MEA CTF / team DeadSec
2025
2nd
LG U+ Security Hackathon CTF Final / team 안전좋아좋아좋아
2025
2nd
Cyber Guardians CTF Final
2025
1st
Yeongnam Region Cyber Attack Defense CTF Final / team 꼬키오
2025
3rd
Aliyun CTF / team FMC
2025
3rd
COSS CTF / team 꼬키오
2025
2nd
Sunrin Internet High School Hacking Festival CTF
2025
8th
DSTA CDDC CTF Finalist
2025
8th
Snake CTF Finalist / team hypersonic
2025
Finalist
PoC CTF
2025
Finalist
Whitehat Contest CTF
2023
2nd
BYUCTF
2023
Finalist
CODEGATE CTF
2023
3rd
Korea Metaverse Developer Contest
2023
2nd
The Hacking Championship Junior
2023
Finalist
WACON CTF
2023
1st
KOSPO Web Security Contest
2022
3rd
Korea Digital Media HS IT Olympiad Security Section / Hacking Defense
2022
3rd
Korea Digital Media HS IT Olympiad Item Section / Entrepreneurship
2021
2nd
Korea Code Fair Hackathon
2021
Talks

.HACK : Vaults of Vulnerability

DeFi Hacks / Conference

A talk covering recurring vulnerability patterns and attack cases in DeFi environments.

HSPACE 2nd Seminar : UNISWAP V1~V4 Hidden Security Threats

UNISWAP / Seminar

A session on architectural changes across Uniswap versions and the security risks hidden within them.

Practical Web Penetration Testing Techniques

Tech Lecture / Corporate Training

An introduction to practical approaches for real-world web penetration testing.

DeFiHackLabs & Blockchain Valley : DeFi 1-day Case Analysis

DeFi Hacks / Lecture

A lecture on quickly analyzing DeFi 1-day incidents based on real-world cases.

DeFiHackLabs & Blockchain Valley : EVM Bug Cases

DeFi Hacks / Lecture

A session summarizing common vulnerability patterns and bug cases found in EVM-based projects.

DeFiHackLabs & Blockchain Valley : How to Audit Smart Contracts

DeFi Hacks / Lecture

An introduction to the mindset and review flow required when starting smart contract audits.

TeamH4C 3rd Student Hacking Note : True stories of student hackers

Experience / Seminar

A talk sharing early experiences in learning hacking and the lessons that came from them.

TeamH4C 5th Hacking Owls Security : Story of CTF solving 1-day challenge with 0-day

Tech / Conference

A presentation on the reasoning process behind solving a 1-day CTF challenge through a 0-day perspective.

Research

Advanced XSLeaks Research

RewriteLab / 2025

Analyzed browser-based information disclosure techniques and documented XS-Leaks vectors that remain viable in modern web environments.

Vulnerabilities in Oracles Based on Real-World Security Cases

Blockchain Valley / 2024

Analyzed vulnerabilities in oracle design and implementation based on real-world security incidents.

Proposal of a Web Vulnerability Automated Assessment Framework Using AI

DBpia / 2023

Proposed an AI-driven framework for automated web vulnerability assessment and studied the feasibility of evaluation automation.

Challenge Authoring
Writer
ACS (ASEAN Cyber Shield) CTF
2025
Writer
KAIST & POSTECH Coalition CTF (KAPO CTF) / KAIST & POSTECH
2025
Writer
idek CTF
2025
Writer
Layer7 CTF
2025
Writer
Chungcheong Area CTF Final
2025
Writer
HSPACE WAR Web Rounds CTF / HSPACE
2025
Writer
BISC CTF / Best of the Best Alumni
2023
Geonwoo Jeong Plain / clickjacking.me