
Vahagn Israelian
@0xKonqi
Followers: 3K | Following: 433 | Media: 57 | Statuses: 340
Application Security | Synack Red Team
I'm Only Here For a While
Joined October 2015
Just published a new blog post on escalating open redirect to account takeover. #bugbounty #pentest #Hacking
Heading to the airport on a Georgian bus. Free wi-fi & default router credentials are included. #wifi #defaultcredentials
Fresh one. Leakage of payment gateway API credentials through Access Control Violation in GraphQL. #hacking #pentest #bugbounty #vapt #hackerone #owasp
Yay, I was awarded a $500 bounty on @Hacker0x01! #TogetherWeHitHarder. Kinda back to H1. Next step is to get clear badge.
Check out my new blog post on RCE through Grafana. #pentest #bugbounty #bugbountytip #hacking #grafana
medium.com
Today I was conducting internal penetration testing for a mid-size company when I came across a Grafana (v10) instance with default admin…
Atlassian Confluence Remote Code Execution through OGNL Injection. CVE-2023-22527. #atlassian #bugbounty #hacking #pentest #confluence
Apache Struts 2 OGNL Injection (CVE-2013-2251) leading to Remote Code Execution. Found this one today during a Pentest. #bugbounty #hacking #pentest #struts #burpsuite
Just found GraphQL broken access control leading to administrator credentials disclosure. Here's how to avoid: 1) Implement Proper Authentication & Authorization mechanisms. 2) Disable Introspection & field suggestion if API is not for public use. #pentest #bugbounty #hacking
Just got my swag pack from @SynackRedTeam for participation in Hacker Hangout Europe! #bugbounty #Synack
Easy RCE Ports.
Java RMI: 1090,1098,1099,4444,11099,47001,47002,10999
WebLogic: 7000-7004,8000-8003,9000-9003,9503,7070,7071
JDWP: 45000,45001
JMX: 8686,9012,50500
GlassFish: 4848
jBoss: 11111,4444,4445
Cisco Smart Install: 4786
HP Data Protector: 5555,5556
#ptswarmTechniques
RT @SynackRedTeam: The results are in. congrats to our #HackerHangout Europe winner, Ozgur - @ozgur_bbh! And extra shout outs to our top…
Virtual HackerHangout Europe with @SynackRedTeam Like: #hackerhangout #road2tokyo #BugBounty #synack