An Exhibition of A Hunger Artist 1nzag (graypanda) Security researcher

About me

Whoami:

Junyoung Jang

My core expertise lies in vulnerability research, and I am currently highly interested in applying LLMs to this field. I have been working in penetration testing and red teaming since 2019, and gained significant experience in AI for security through participating in the AIxCC competition. I have extensive security analysis experience across various platforms, including IoT, embedded systems, web, and Android. My achievements include advancing to the DEFCON CTF Finals and winning awards in numerous domestic and international security competitions.

Projects

  • Team Atlanta - AIxCC Challenge (2024 - 2025)
    • Contributed to winning 1st place at the DARPA AI Cyber Challenge
    • Improved engine (SymQemu) performance and implemented LLM-based fuzzer mutation strategies
    • Developed dynamic tracers using DynamoRIO/Jazzer and an SARIF verification system using LLMs
  • Design and Implementation of an Automated Malicious Site Detection and Collection System (2021 - 2022)
    • Developed an automated system that identified 743 malicious sites with a 98.79% true positive rate
  • App Security Research through Mobile Easy Payment Vulnerability Analysis (2017 - 2018)
    • Discovered bypass techniques for 3 major domestic easy payment app security modules and proposed mitigation strategies

Awards

  • DARPA AI Cyber Challenge (AIxCC) 1st Place (2025, USA)
  • WHITEHAT CONTEST 2024 Final (Military Track) 2nd Place (2024, Republic of Korea)
  • DEFCON CTF 32 Final 9th Place (2024, USA)
  • WHITEHAT CONTEST 2023 Final (Military Track) 2nd Place (2023, Republic of Korea)
  • RCTF 1st Place (2018, China)
  • DEFCON CHINA (BCTF) 3rd Place (2018, China)
  • CTFZone Final 4th Place (2018, Russia)
  • Kitri BoB (Best of Best) Top 10 (2018, Republic of Korea)
  • TokyoWesterns CTF 3rd Place (2017, Japan)
  • XCTF League Final 2nd Place (2017, China)

Education

  • Korea University M.S. in Information Security (2020.09 – 2022.08)
  • Korea University B.S. in Cyber Defense (2015.03 – 2019.02)
  • Sejong Science High School (2012.03 – 2015.02)

Publications & Patents

  • “ATLANTIS: AI-driven Threat Localization, Analysis, and Triage Intelligence System”, arXiv, 2025
  • “HTML and URL Feature-based Malicious Site Collection System”, Korea Institute of Digital Forensics, 2022
  • “A Study on the Bypass of Verification Function by Modulating the Result Value of Android Easy Payment Application Security Solution”, Korea Institute of Information Security and Cryptology (KIISC), 2018
  • “SOFTWARE CODE OBFUSCATION USING DOUBLY PACKED STRUCTURES”, KR 10-2017-0175594

Skills

  • Reverse Engineering, Vulnerability Research
  • System Hacking, Penetration Testing & Red Teaming
  • Programming Languages: Python, C, C++, Java, Javascript
  • Programming Language Parsing: Joern query, Tree-sitter, LSP
  • LLVM (LLVM pass) programming

Interested in:

  • linux kernel
  • reversing
  • LLM & AI for security