tyage
Web Frontend / Backend Developer and Security Engineer
Publications
Job Experiences
Security Engineer at Ierae Security, Inc
May 2020 – Present
Security Engineer at LINE Corporation
Apr 2018 – Apr 2020
Software Engineer at Morelor, Inc.
2013 – 2017
Educations
Kyoto University Graduate School of Informatics
Apr 2016 – Mar 2018
Kyoto University Faculty of Engineering
Apr 2012 – Mar 2016
CTF Teams
Organized CTFs
IERAE CTF 2024 (Challenge Creation)
Sep 2024
IERAE DAYS CTF v0.1 (Challenge Creation)
Dec 2023
ACSC 2023 (Challenge Creation)
Feb 2023
ACSC 2021 (Challenge Creation)
Sep 2021
TokyoWesterns CTF 2020 (Challenge Creation)
Sep 2020
CODE BLUE CTF 2019 (System Development)
Oct 2019
CODE BLUE CTF 2018 Quals & Finals (Challenge Creation & System Development)
Jul 2018 – Nov 2018
CODE BLUE CTF 2017 (Challenge Creation)
Nov 2017
ED CTF (Challenge Creation)
2014
Onsite International CTFs
- SECCON CTF 13 International Finals (Tokyo, Japan)
- Automotive CTF 2024 (Detroit, USA)
- Midnight Sun CTF 2024 Finals (Stockholm, Sweden)
- Midnight Sun CTF 2023 Finals (Stockholm, Sweden)
- HITCON CTF 2023 Final (Taipei, Taiwan)
- SECCON CTF 2023 International Finals (Tokyo, Japan)
- Hackceler8 2022 (Google CTF Finals) (London, UK)
- Cyber Mimic Defense 2019 (Nanjing, China)
- DEF CON CTF 2018 (Las Vegas, USA)
- Google CTF 2017 Finals (Zurich, Switzerland)
- Codegate CTF Finals 2017 (Seoul, South Korea)
- WCTF 2017 (Beijing, China)
- SECCON 2017 Finals (Tokyo, Japan)
- Trend Micro CTF 2017 - Raimund Genes Cup - The Final (Tokyo, Japan)
- DEF CON CTF 2016 (Las Vegas, USA)
- SECCON 2016 Finals (Tokyo, Japan)
- Trend Micro CTF Asia Pacific & Japan 2015 Final (Tokyo, Japan)
- DEF CON CTF 2014 (Las Vegas, USA)
- SECCON 2014 Finals (Tokyo, Japan)
- SECUINSIDE CTF Finals 2014 (Seoul, South Korea)
- No cON Name Facebook CTF Finals 2013 (Barcelona, Spain)
Talks
- TBD
CVEs
- CVE-2024-51479 - Improper Authorization in Next.js
- CVE-2024-26144 - Exposure of Sensitive Information in Ruby on Rails
- CVE-2023-3672 - XSS in webmention.js
- CVE-2022-23183 - Missing Authorization in Advanced Custom Fields
- CVE-2021-20867 - Missing Authorization in Advanced Custom Fields
- CVE-2021-20866 - Missing Authorization in Advanced Custom Fields
- CVE-2021-20865 - Missing Authorization in Advanced Custom Fields
- GHSA-hxwm-x553-x359 - Arbitrary Command Injection in npmcli/git
- CVE-2020-5421 - RFD attacks protection bypass in Spring Framework
- CVE-2020-1957 - Authentication bypass in Apache Shiro
- CVE-2020-1757 - Improper Input Validation in undertow
- CVE-2017-2239 - Exposure of Sensitive Information in Marp
- CVE-2017-2134 - XSS in ASSETBASE