Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile
Vahagn Israelian πŸ‡¦πŸ‡²

@0xkonqi

Application Security | Synack Red Team

ID: 3880183871

linkhttps://hackerone.com/konqi calendar_today06-10-2015 11:44:14

339 Tweet

2,2K Followers

404 Following

Mikhail Klyuchnikov (@m1ke_n1) 's Twitter Profile Photo
Mikhail Klyuchnikov
@m1ke_n1

6 years ago

The story how I found RCE in Citrix (CVE-2019-19781)

Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

6 years ago

#bugbounty #shellshock

#bugbounty #shellshock
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

6 years ago

Check out Easy Hack manual from PT SWARM #pentest #bugbounty

Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

6 years ago

Just got my swag pack from Synack Red Team for participation in Hacker Hangout Europe! #bugbounty #Synack

Just got my swag pack from <a href="/SynackRedTeam/">Synack Red Team</a> for participation in Hacker Hangout Europe! #bugbounty #Synack
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

6 years ago

Night of the Hunt Synack Red Team #BugBounty #Synack

Night of the Hunt <a href="/SynackRedTeam/">Synack Red Team</a> #BugBounty #Synack
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

6 years ago

Leveled up to 0x05! Ρ‡Π΅Ρ€Π΅Π· Synack Red Team #BugBounty #Synack

Leveled up to 0x05! Ρ‡Π΅Ρ€Π΅Π· <a href="/SynackRedTeam/">Synack Red Team</a> #BugBounty #Synack
PT SWARM (@ptswarm) 's Twitter Profile Photo
PT SWARM
@ptswarm

6 years ago

➑️Default creds for #redteam Cisco: cisco:cisco Citrix: nsroot:nsroot Dell iDRAC: root:calvin Juniper: super:juniper123 pfSense: admin:pfsense SAP: SAP*:06071992 Tomcat: tomcat:tomcat UniFi: ubnt:ubnt Weblogic: weblogic:weblogic1 Zabbix: Admin:zabbix #ptswarmTechniques

➑️Default creds for #redteam Cisco: cisco:cisco Citrix: nsroot:nsroot Dell iDRAC: root:calvin Juniper: super:juniper123 pfSense: admin:pfsense SAP: SAP*:06071992 Tomcat: tomcat:tomcat UniFi: ubnt:ubnt Weblogic: weblogic:weblogic1 Zabbix: Admin:zabbix #ptswarmTechniques
Crash Override (@crashappsec) 's Twitter Profile Photo
Crash Override
@crashappsec

4 years ago

Found my tweet from 2017

Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

4 years ago

coolest swag from Synack Red Team Synack #bugbounty #1337 #hacking #pentest

coolest swag from <a href="/SynackRedTeam/">Synack Red Team</a> <a href="/synack/">Synack</a> #bugbounty #1337 #hacking #pentest
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Just found GraphQL broken access control leading to administrator credentials disclosure. Here's how to avoid: 1) Implement Proper Authentication & Authorization mechanisms 2) Disable Introspection & field suggestion if API is not for public use #pentest #bugbounty #hacking

Just found GraphQL broken access control leading to administrator credentials disclosure. Here's how to avoid: 1) Implement Proper Authentication &amp; Authorization mechanisms 2) Disable Introspection &amp; field suggestion if API is not for public use #pentest #bugbounty #hacking
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Apache Struts 2 OGNL Injection (CVE-2013-2251) leading to Remote Code Execution. Found this one today during a Pentest. #bugbounty #hacking #pentest #struts #burpsuite

Apache Struts 2 OGNL Injection (CVE-2013-2251) leading to Remote Code Execution. Found this one today during a Pentest. #bugbounty #hacking #pentest #struts #burpsuite
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Atlassian Confluence Remote Code Execution through OGNL Injection. CVE-2023-22527 #atlassian #bugbounty #hacking #pentest #confluence

Atlassian Confluence Remote Code Execution through OGNL Injection. CVE-2023-22527 #atlassian #bugbounty #hacking #pentest #confluence
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

New Ivanti XXE seems promising (CVE-2024-22024) #pentest #bugbounty #synack #hackerone #ivanti

New Ivanti XXE seems promising (CVE-2024-22024) #pentest #bugbounty #synack #hackerone #ivanti
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Check out my new blog post on RCE through Grafana πŸ”₯ medium.com/@konqi/exploit… #pentest #bugbounty #bugbountytip #hacking #grafana

Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Yay, I was awarded a $500 bounty on HackerOne! hackerone.com/konqi #TogetherWeHitHarder Kinda back to H1. next step is to get clear badge

Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Fresh one. Leakage of payment gateway API credentials through Access Control Violation in GraphQL. #hacking #pentest #bugbounty #vapt #hackerone #owasp

Fresh one. Leakage of payment gateway API credentials through Access Control Violation in GraphQL. #hacking #pentest #bugbounty #vapt #hackerone #owasp
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

2 years ago

Heading to the airport on a Georgian bus. Free wi-fi & default router credentials are included 😏 #wifi #defaultcredentials

Heading to the airport on a Georgian bus. Free wi-fi &amp; default router credentials are included 😏 #wifi #defaultcredentials
Vahagn Israelian πŸ‡¦πŸ‡² (@0xkonqi) 's Twitter Profile Photo
Vahagn Israelian πŸ‡¦πŸ‡²
@0xkonqi

10 months ago

Just published a new blog post on escalating open redirect to account takeover. medium.com/@konqi/from-op… #bugbounty #pentest #Hacking

Just published a new blog post on escalating open redirect to account takeover. medium.com/@konqi/from-op… #bugbounty #pentest #Hacking