Keunho Kim(rootk1m,gnosis)

Embedded Security Researcher

Researches IoT and embedded security through Vulnerability Research, Firmware Analysis, Exploit Reproduction, and Automated Exploit Generation.

About

About

Embedded security researcher performing vulnerability analysis, firmware reversing, exploit reproduction, and exploitability validation across IoT and embedded systems. Rather than stopping at reports, I connect findings to reproducible PoCs, exploit evidence, analysis logs, and response-oriented documentation.

Contributed to discovering multiple CVEs through smart-device vulnerability research, and built practical security analysis experience through an AUTOCRYPT Vehicle Threat Research Lab Red Team internship and an AutoHack 2025 award.

Recently, I focus on structuring vulnerability analysis and exploit generation through Firmware-to-Exploit pipelines, Automated Exploit Generation, and Agentic AI-based security automation.

Zero-Day ResearchAutomated Exploit GenerationIoT/Embedded SecurityAutomotive SecurityReverse EngineeringBinary ExploitationAgentic AICVE Research

Experience

Out of Bounds

Researcher

Vulnerability ResearchJun 2026 — Present
  • Zero-day vulnerability research
  • Automated Exploit Generation (AEG) development
Zero-Day ResearchVulnerability ResearchAEGExploit Automation

AUTOCRYPT

Red Team Intern

Vehicle Threat Research LabJan 2026 — Feb 2026
  • Automotive security threat analysis and penetration testing
  • Offensive security research targeting vehicle systems
Automotive SecurityPenetration TestingRed Team

CYAI Lab (Sejong University)

Undergraduate Researcher

Cybersecurity AI LabApr 2025 — Jun 2026
  • Conducting research on AI-driven security automation focusing on LLM and autonomous agents
  • Designed Agentic AI-based ExploitAgent architecture and experiment pipelines
  • Paper presentation at KSII Autumn Conference (Best Paper Award)
  • Participating in regular seminars analyzing recent APT attack and defense trends
  • Personal research MuCamp2: LLM-based APT attack scenario variant generation experiments
AI for SecurityAgentic AILLMExploit AutomationAPT Analysis

Whitehat School 3rd Cohort

Trainee

Security Training ProgramMar 2025 — Sep 2025
  • Completed advanced Offensive Security training
  • Hands-on vulnerability analysis and exploit development
Offensive SecurityTrainingExploit Development

Portfolio

Overview

I perform vulnerability analysis, firmware reversing, exploit reproduction, and exploitability validation across IoT and embedded systems. I contributed to discovering multiple CVEs through smart-device vulnerability research, and work on Firmware-to-Exploit pipelines and Automated Exploit Generation that connect findings to reproducible PoCs and exploit evidence.

Key Achievements

IoT/Embedded Security Research

  • Comprehensive security analysis of IoT smart doorbell — discovered 18 CVEs
  • Established vulnerability analysis methodology through firmware extraction and reverse engineering
  • Contributed to IoT security research community by publishing analysis guides

Automated Exploit Generation Research

  • Agentic AI-based ExploitAgent architecture design and autonomous behavior generation research
  • SCOUT: AEG-first Hybrid Engine that reconstructs exploitability from ELF and shell-script firmware evidence
  • Best Paper Award at KSII Autumn Conference

Automotive Security

  • Red Team intern at AUTOCRYPT Vehicle Threat Research Lab
  • Won COSS Council Chair Award at AutoHack 2025 automotive hacking competition
  • Conducted offensive security research targeting vehicle systems

Security Community Leadership

  • President of SSG, Sejong University security club
  • Systems hacking lecturer and embedded vulnerability analysis project mentor
  • Organization management and activity planning as operations/treasurer
Self-Developed Tools
  • SCOUT - AEG-First Firmware-to-Exploit Evidence Engine

Core Competencies

Zero-day vulnerability analysis and CVE discoveryBinary exploitation and reverse engineeringAgentic AI-based Automated Exploit Generation researchAutomotive security threat analysis and penetration testing

See the Full Story

Explore the background, role, results and lessons behind each project.

Publications

JournalFirst Author

MuCamp2: Generating Validated Cyber Campaign Variants via Constrained LLMs for Group Attribution

Keunho KimJimin LeeInsup LeeInsung HanJungsik LeeShinwoo ShimChanghee Choi

IEEE Access (SCIE)2026.06
ConferenceBest Paper Award

Agentic AI-based Anomaly Behavior Detection Method

Minjun KimJaejun ByunKeunho KimSanghoon ChoJimin LeeInsung HanSungjin ParkTaehoon KimChanghee Choi

KSII Spring Conference 20262026.05
Conference

LLM-based Security Log Reduction Technique

Jaejun ByunMinjun KimKeunho KimSanghoon ChoJimin LeeInsung HanSungjin ParkTaehoon KimChanghee Choi

KSII Spring Conference 20262026.05
ConferenceBest Paper Award

Architecture Design and Autonomous Behavior Generation of Agentic AI-based ExploitAgent

Sanghun JoKeunho KimChanghee Choi

KSII Autumn Conference 2025 (Defense IT Research Society)2025.10

Speaking & Community

Talks & Lectures

You Are Not Thinking At All

2026.05.16Sejong University Security Club Joint Seminar (SSG, S!, NSbit, Cyberpunk)

SCOUT Project Presentation

2026.05.09Incognito Conference

Introduction to Android Hacking for SSG

2026.05.01SSG Internal Seminar

Introduction to Embedded Hacking for SSG

2026.05.01SSG Internal Seminar

Community

SSG (Sejong Security Group)

President

Jan 2026 — Jun 2026

SSG (Sejong Security Group)

Projects Department Director

Sep 2025 — Dec 2025

SSG

Embedded Vulnerability Analysis Project Mentor

Sep 2025 — Jan 2026

SSG

Systems Hacking Lecturer & Mentor

Mar 2025 — Aug 2025

SSG

Operations / Treasurer

Sep 2024 — Aug 2025

Certified

Certifications

Awards

SPACE WAR @ ARIES (AI) CTF All Solved 7th Place

HSPACE

2026.03

AutoHack 2025 COSS Council Chair Award

Kookmin University Future Automotive Division

2025.11

Projects

Contact

Feel free to reach out for security research collaboration, speaking, or opportunities.