Vahagn Vardanyan
Verified Expert in Engineering
Cybersecurity Engineer and Developer
Yerevan, Armenia
Toptal member since September 26, 2022
Vahagn is an experienced professional with over 10 years of experience in cybersecurity. During this time, he found numerous zero-day vulnerabilities in SAP, Oracle, Microsoft, IBM, PHP, and TeamViewer. For the last two years, Vahagn has worked as the CTO of RedRays, where he has provided penetration testing, vulnerability assessment, and other cybersecurity services.
Portfolio
Experience
- Burp Suite - 10 years
- Java - 10 years
- SAP Security - 10 years
- Penetration Testing - 10 years
- Zero-day Vulnerabilities - 10 years
- SAP - 8 years
- Secure Coding - 7 years
- Interactive Disassembler (IDA) Pro - 4 years
Availability
Preferred Environment
Windows, Linux, Interactive Disassembler (IDA) Pro, Burp Suite, OWASP Zed Attack Proxy (ZAP), PyCharm, IntelliJ IDEA, Amazon Web Services (AWS), Vulnerability Identification
The most amazing...
...project I've worked on is a security platform's SAP and Oracle ERP systems. The platform analyzed vulnerabilities and missing configurations.
Work Experience
CTO
RedRays
- Created a strategy for analyzing and finding vulnerabilities in SAP, Oracle, and Microsoft's ERP systems.
- Handled cybersecurity and managed the security analytics team.
- Served as a penetration testing and vulnerability assessments team lead.
- Acted as a senior security researcher in RedRays' research and development center.
Cybersecurity Architect
T-Systems International
- Conducted penetration testing and vulnerability assessment of IoT systems.
- Performed source code analysis using C++, Java, C#, and Python and worked on secure CI/CD implementation.
- Executed cloud infrastructure analysis for Amazon and Google using Azure.
Bug Bounty Hunter
Self-employed
- Joined HackerOne as a bug bounty member in 2014 and was in the top ten bug hunters for that year.
- Served as a vulnerability researcher and member of Synack's Red Team.
- Acted as an SAP cybersecurity researcher and found over 100 zero-day vulnerabilities.
Experience
TeamViewer Password Insecure Storage
https://github.com/vah13/extractTVpasswordsRemote Authentication Bypass of TeamViewer Software
https://nvd.nist.gov/vuln/detail/CVE-2018-16550Exploit Chains to Get Full Access to SAP Systems
https://github.com/vah13/SAP_exploitUsing these vulnerabilities, they wouldn't require authorization to discover user logins, get login password hashes, decrypt all user passwords, and log in to the SAP admin console.
Security Issue with Windows ZIP Files
https://github.com/vah13/Win_ZIP_passwordAfter the feature was released, the system would save the file password to its memory once a user opened an encrypted ZIP file. When the user tried to open the ZIP file again, Windows would take the file path, search the memory, and use the stored password. I discovered that it was possible to see the encrypted ZIP file's password by hooking SHUnicodeToAnsi from shlwapi.dll.
Oracle ERP Software Security Research
https://github.com/vah13/OracleCVECVE-2022-39802 - Critical issue in SAP NetWeaver
The URL used to inquire about this data included a file path argument that could be modified to provide unrestricted directory browsing on the remote server. The operating system user running the NetWeaver process or service could access the files in each directory, and the code fix in the patch takes care of the route internally. This prevents the value from being sent in dynamically as a query string. With a CVSS score of 9.9, the effect on confidentiality, integrity, and availability may be substantial depending on the information accessed during an attack.
SAP suggests a temporary fix in which sensitive data is removed from the file systems available to the operating system user, and the operating system user's access to unnecessary file paths is restricted.
Ai-powered Password Testing for Abap Stack
https://redrays.io/ai-powered-password-testing-for-abap-stack/Education
Master's Degree in Mathematics and Computer Science
National Polytechnic University of Armenia - Yerevan, Armenia
Certifications
Synack Red Team Top 10 Security Tester
Synack
HackerOne Top 10 Security Tester in 2015
HackerOne
Skills
Tools
IntelliJ IDEA, SAP Security, Interactive Disassembler (IDA) Pro, OWASP Zed Attack Proxy (ZAP), PyCharm
Languages
Java, Python, C++, C#
Paradigms
Penetration Testing
Platforms
Burp Suite, Windows, Linux, Azure, Amazon Web Services (AWS)
Industry Expertise
Cybersecurity
Other
Vulnerability Management, Zero-day Vulnerabilities, Security, IT Security, IT Audits, Vulnerability Identification, OWASP Top 10, Application Security, Web Security, Web App Security, Software Development Lifecycle (SDLC), Dynamic Application Security Testing (DAST), Vulnerability Assessment, Static Application Security Testing (SAST), IT Project Management, Software Development, Red Teaming, Low-level Programming, SAP, Secure Coding, SAP ERP, SAP Manufacturing Execution (SAP ME)
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring