Email: [email protected]

Location: Seoul, South Korea

Phone: +82 10-8062-2550

LINKS

• LinkedIn: https://www.linkedin.com/in/soon-chan-hwang-50b353152/
• X: https://x.com/gegul_
• GitHub: https://github.com/kismp123

<aside> <img src="/icons/bookmark_gray.svg" alt="/icons/bookmark_gray.svg" width="40px" />

Blockchain security researcher specializing in smart contract auditing and vulnerability research, with proven bug bounty results across major ecosystems (e.g., Ethereum, Wormhole, Optimism). Ranked All-time #10 whitehat @ Immunefi. Also experienced in exploit development and reverse engineering, including devirtualization and sandbox escape research.

</aside>

HIGHLIGHTS

• All-time #10 whitehat @ Immunefi
• Open-source: BugChainIndexer (details below)

WORK EXPERIENCE

• Lead Security Researcher — Hexens (2025.03 – 2026.04)
  • Performed smart contract audits and vulnerability analysis across multiple protocols.
  • Delivered actionable findings and remediation guidance aligned with real-world threat models.
• Chrome Exploit Development — STEALIEN (2024.02 – 2025.02)
  • Developed research tooling related to a Chrome sandbox escape 1-day vulnerability.
• Devirtualization Research (Themida) — Raon Whitehat (2021.04 – 2023.02)
  • Restored virtualized code to its original form for Themida v2/v3.
  • Successfully recovered original logic for both regular virtualization and double virtualization.
• Security Researcher — Orange Security (2020.05 – 2020.09)
  • Conducted vulnerability assessments for web and Android applications.
• Security Operations — Igloo Security Inc (2019.09 – 2020.04)
  • Triaged security events and differentiated false positives from true positives.
• Security Operations — Air Force Information Security (2013.06 – 2015.06)
  • Monitored attacks and analyzed malware indicators (e.g., URLs used for communication).
  • Operated firewalls and authored IPS patterns to detect and block exploit activity.

SELECTED PROJECT

BugChainIndexer

https://github.com/kismp123/BugChainIndexer

A lightweight tool that tracks Transfer events to identify and filter contracts that actually hold funds. By focusing only on fund-holding contracts, it enables faster triage and targeted analysis, helping quickly uncover meaningful vulnerabilities.