- Department of Information Science, Faculty of Science, the University of Tokyo (as an undergraduate)
- Flatt Security, Inc.
- SECCON Beginners
- Security Camp Steering Comittee 企画グループ・講師育成グループ
- dodododo, shibad0gs, and TSG (CTF team)
- Exploitation of Web applications
- Application of side-channel attacks on Web
I got a CVE: CVE-2020-6400 (Inappropriate implementation in CORS in Google Chrome).
I will give an introduction course on web security. I'd appreciate if you applied to the course!
I will give an 8-hour course on latest security features implemented on Web browsers and advanced exploitation techniques for modern web applications.
I talked about issues related to ReDoS and show a new attack vector. Slides: here.
Coming soon ...
I talked about classical web vulnerablities (e.g. SQL Injection, XSS, ...) and gave an introduction to authZ and authN.
SECCON CTF 2019 Finals (Domestic)
We dodododo won the 1st.
IPA ワークショップ (体系的に学ぶモダン Web セキュリティ / Learning Modern Web Security)
I did an eight-hour workshop on web security in collaboration with Information-technology Promotion Agency.
I did an eight-hour workshop on web security at National Institute of Information and Communications Technology (NICT) Innovation Center.
I participated in the review. I recommend you buy :-)
I created a Web challenge named "Snippet".
I participated as a staff. In Yamanashi, I talked about Security Camp (at 『セキュリティ・キャンプ紹介』).
I organized those events.
JNSA e-zine ("BlackHat USA 2019 参加記")
I contributed an article to JNSA (Japan Network Security Association) e-zine. Here is the link of the article.
Packet Hacking Village of DEFCON 2019
I participated as a volunteer. It was a great experience :-)
Security Camp 2019
I gave attendees a four-hour presentation named "体系的に学ぶモダン Web セキュリティ" (Learn Modern Web Security Systematically). Slides: here.
I participated in the review. This book is really amazing :-)
SECCON Beginners CTF 2019 (Online)
I organized the event. It was held at 2019/05/25 - 2019/05/26. I provided three challs: Ramen, Secure Meyasubako, and Himitsu.
I talked on modern Web exploitation including XS-Leaks and advanced CSS Injection. Slides: here.
TSG CTF 2019 (Online)
It was held at 2019/05/04 - 2019/05/05. I provided two challs: RECON and BADNONCE. Result: here.
I got a CVE: CVE-2018-16205 (XSS in Growi, a open-source wiki software).
IBM Research - Tokyo
As a student researcher.
I talked about web security (introduction level).
Security Mini Camp 2018 in Tokushima, Hyogo, Yamanashi, Mie, Hokkaido, and Fukuoka / Security Junior Camp 2018 in Kochi / Security Camp 2018
I participated in them as a staff.
SECCON CTF 2018 Finals (Domestic)
We dodododo won the 1st.
SECCON Beginners 2018 Hiroshima, (Tokyo,) and Nagoya
I participated in them as one of organizers. Thank you all :-)
I participated in the review.
We TSG got 4th place :-)
I made some Web challenges for beginners.
I provided a introduction course on eb security. Slides: here.
I talked on the complexity of web security. Slides: here.
I participated in the review. I had been looking forward to the day when this book was published because it had been a while since previous book (No. 5) was published X-)
SECCON 2017 Finals (International)
As a member of dodododo. We won the 3rd.
SECCON 2017 Online CTF
We dodododo won the 11th.
SECCON Beginners 2017 Morioka, Nagoya, Hiroshima, Sendai, Tokyo, and Kagoshima
I provided the introduction course on solving Web challs at CTFs.
SANS Netwars Tokyo 2017
I participated in it as a member of Whitepapers. We got the 7th prize of 25 teams.
I participated in the review a little.
I participated in the review. I highly recommend this series not only to all mathematics lovers but also to all people.
From 2014 to 2016
I was a high school student and made a lot of efforts for improving my handball skill :-) I made some small contribution to 数学ガール(Math Girl) as a reviewer. I love this series X-)
As a member of dodododo.
SECCON 2013 Hokkaido
OSC Hokkaido 2013 #osc13do
Security Camp Forum 2013
As a speaker.
Security Camp 2012
As a participant.