Daily ideas and recent information is Here (my blog, written in Japanese / English)

About me: Takashi Yoneuchi


Job: student of The University of Tokyo & Web Application Security Tester

Birthday: 1998/mm/dd

Location: Hokkaido and Tokyo

Skills, Hobbies and Interests

Computer Security

I'm interested at Web Security. I'm also a lover of a game called CTF. I'm in two teams: "dodododo", "i81109", and "TSG".


I often read Japanese novels. Nowadays I'm studying Spanish hard and reading Spanish books.


I'm not good at math so much, but I purely love math <3



(Coming soon :smiley:)


IBM Research - Tokyo (Internship)

As a student researcher.

UEC WEBSYS (電気通信大学 ウェブシステムデザインプログラム)

As a lecturer. Slides: (private)

Security Mini Camp 2018 in Tokushima, Hyogo, Yamanashi, Mie, Hokkaido, and Fukuoka / Security Junior Camp 2018 in Kochi / Security Camp 2018

As a staff.

SECCON 2018 Finals (Domestic)

As a member of dodododo. We won the 1st.

SECCON Beginners 2018 Hiroshima, (Tokyo,) and Nagoya

As a staff. Thank you all :-)


We TSG got 4th place :-)

SECCON Beginners CTF 2018

As a staff. I made some Web challenges for beginners.

Security Mini Camp 2018 in Okayama

As a speaker. Slides: here.

第 14, 15, 19, 22 回 ゼロから始めるセキュリティ入門 勉強会

As a speaker. Slides: 14th, 15th, 19th, and 22th

第21 回 セキュリティさくら (Security Sakura, a Japanese seminar on security)

As a speaker. Slides: here.


As a reviewer. I had been looking forward to the day when this book was published because it had been a while since previous book (No. 5) was published X)

SECCON 2017 Finals (International)

As a member of dodododo. We won the 3rd.


SECCON 2017 Online CTF

As a member of dodododo. We won the 11th.

SECCON Beginners 2017 Morioka, Nagoya, Hiroshima, Sendai, Tokyo, and Kagoshima

As a speaker.

SANS Netwars Tokyo 2017

As a participant and a member of Whitepapers. We got the 7th prize of 25 teams.


As a reviewer (but I made just a little contribution X-( )


As a reviewer. I highly recommend this series not only to all mathematics lovers but also to all people.

From 2014 to 2016

I was a high school student and made a lot of efforts for improving my handball skill :-) I made some small contribution to 数学ガール(Math Girl) as a reviewer. I love this series X-)



As a member of dodododo.

SECCON 2013 Hokkaido

As a member of the team dodododo, and we won the first. (Here)

OSC Hokkaido 2013 #osc13do

As a speaker.(Here)

Security Camp Forum 2013

As a speaker.


Security Camp 2012

As a participant.

Recent Publications

あなたの履歴を狙う攻撃たち / Eyes on Your Browsing History

あなたの履歴を狙う攻撃たち / Eyes on Your Browsing History (Japanese, 日本語)

Web セキュリティ入門 - 攻撃者の狙いを先読みする

Web セキュリティ入門 - 攻撃者の狙いを先読みする (Japanese, 日本語)

CSS Injection ++ - 既存手法の概観と対策

CSS Injection ++ - 既存手法の概観と対策 (Japanese, 日本語)

Tangled World of Web Technology

Tangled World of Web Technology ― Are we safe? (English)

XSS in the era of *.js

XSS in the era of *.js - JS ライブラリ時代の XSS (ゼロから始めるセキュリティ入門 勉強会 #14) (Japanese, 日本語)


Introduction: Content Security Policy (ゼロから始めるセキュリティ入門 勉強会 #14) (Japanese, 日本語)


CSP: Content Security Policy - The History and the Future of CSP (English)