shift-js.info
Maintained by Takashi Yoneuchi (@y0n3uchy, @lmt_swallow)
About Me
Name
- Takashi Yoneuchi
- lmt_swallow (つばめ)
- y0n3uchy
Affiliation
- Undergraduate student at the University of Tokyo
- SECCON Beginners
- Security Camp Steering Comittee 企画グループ
Interests
- Web security, especially the exploitation on browsers' implementation flaws
- Application of formal methods in the context of Web
- CTF (currently I'm a member of TSG/dodododo)
Links
- Blog
- Twitter(ja): @lmt_swallow
- Twitter(en): @y0n3uchy
- GitHub: @lmt-swallow
- Email: lmt.swallow@gmail.com
Activities
2019
UEC WEBSYS (電気通信大学 ウェブシステムデザインプログラム)
As a lecturer. Slides: (private)
Security Camp 2019
As a speaker. I will give attendees a 4-hour presentation named "体系的に学ぶモダン Web セキュリティ" (Learn Modern Web Security Systematically). Coming soon!
数学ガールの秘密ノート/ビットとバイナリー by Hiroshi Yuki
I participated in the review. This book is really amazing :-)
SECCON Beginners CTF 2019 (Online)
As a staff. It was held at 2019/05/25 - 2019/05/26. I provided three challs: Ramen, Secure Meyasubako, and Himitsu.
Shibuya.XSS techtalk #11
As a speaker. Slides: here.
TSG CTF 2019 (Online)
As a staff. It was held at 2019/05/04 - 2019/05/05. I provided two challs: RECON and BADNONCE. Result: here.
2018
IBM Research - Tokyo
As a student researcher.
UEC WEBSYS (電気通信大学 ウェブシステムデザインプログラム)
As a lecturer. Slides: (private)
Security Mini Camp 2018 in Tokushima, Hyogo, Yamanashi, Mie, Hokkaido, and Fukuoka / Security Junior Camp 2018 in Kochi / Security Camp 2018
As a staff.
SECCON 2018 Finals (Domestic)
As a member of dodododo. We won the 1st.
SECCON Beginners 2018 Hiroshima, (Tokyo,) and Nagoya
As a staff. Thank you all :-)
数学ガールの秘密ノート/行列が描くもの by Hiroshi Yuki
I participated in the review.
CODEBLUE CTF 2018 Quals
We TSG got 4th place :-)
SECCON Beginners CTF 2018
As a staff. I made some Web challenges for beginners.
Security Mini Camp 2018 in Okayama
As a speaker. Slides: here.
第 14, 15, 19, 22 回 ゼロから始めるセキュリティ入門 勉強会
As a speaker. Slides: 14th, 15th, 19th, and 22th
第21 回 セキュリティさくら (Security Sakura, a Japanese seminar on security)
As a speaker. Slides: here.
数学ガール/ポアンカレ予想 by Hiroshi Yuki
I participated in the review. I had been looking forward to the day when this book was published because it had been a while since previous book (No. 5) was published X-)
SECCON 2017 Finals (International)
As a member of dodododo. We won the 3rd.
2017
SECCON 2017 Online CTF
As a member of dodododo. We won the 11th.
SECCON Beginners 2017 Morioka, Nagoya, Hiroshima, Sendai, Tokyo, and Kagoshima
As a speaker.
SANS Netwars Tokyo 2017
As a participant and a member of Whitepapers. We got the 7th prize of 25 teams.
セキュリティコンテストのためのCTF問題集
I participated in the review a little.
数学ガールの秘密ノート/積分を見つめて
I participated in the review. I highly recommend this series not only to all mathematics lovers but also to all people.
From 2014 to 2016
I was a high school student and made a lot of efforts for improving my handball skill :-) I made some small contribution to 数学ガール(Math Girl) as a reviewer. I love this series X-)
2013
SECCON 2013
As a member of dodododo.
SECCON 2013 Hokkaido
As a member of the team dodododo, and we won the first. (Here)
OSC Hokkaido 2013 #osc13do
Security Camp Forum 2013
As a speaker.
2012
Security Camp 2012
As a participant.
Recent Publications
"Gimme a bit!" - Exploring Attacks in the "Post-XSS" World (English)
あなたの履歴を狙う攻撃たち / Eyes on Your Browsing History (Japanese, 日本語)
Web セキュリティ入門 - 攻撃者の狙いを先読みする (Japanese, 日本語)
CSS Injection ++ - 既存手法の概観と対策 (Japanese, 日本語)
Tangled World of Web Technology ― Are we safe? (English)
XSS in the era of *.js - JS ライブラリ時代の XSS (ゼロから始めるセキュリティ入門 勉強会 #14) (Japanese, 日本語)
Introduction: Content Security Policy (ゼロから始めるセキュリティ入門 勉強会 #14) (Japanese, 日本語)
CSP: Content Security Policy - The History and the Future of CSP (English)