Khagan Karimov

385 E, 3rd Ave · Salt Lake City, UT 84103 · (801) 865-1158 ·

I am experienced in cybersecurity. I have been worked as an ethical hacker in various companies for more than 3 years. Currently, I am a first year PhD student at the University of Utah. I am interested in hardware security, cyber-physical systems besides fuzzing, and vulnerability finding.


Research Assistant

The University of Utah, Salt Lake City, The USA

Gathers, organizes and analyzes data through interviews, literature searches, record reviews and related non-lab methods for use in studies, publications and other research related uses. .

August 2022 - Present

Penetration Tester

CyrexTech Company, Dublin, The Republic of Ireland

Performing intensive penetration tests upon very well-known games: Voxies, Gods Unchained, etc. Various types of vulnerability assessments on the websites.

February 2022 - June 2022

Penetration Tester

Mazarina Trade Company LLC

Performing intensive penetration tests concerning various domains: Web, Mobile, Network Infrastructure Blackbox, Whitebox and Greybox penetration tests on web applications, including code analysis Documenting important findings and reporting them to the management Searching for common misconfigurations on servers running on the infrastructure Phishing events to raise employee awareness.

January 2020 - February 2022


University of Utah

Doctor of Philosophy
Computer Science - Cybersecurity Track

August 2022 - Present

Baku Higher Oil School

Bachelor of Engineering
September 2017 - June 2022


  • Infrastructure penetration testing using Nmap, Crackmapexec, Nessus
  • Web application penetration testing with Sqlmap, Burp Suite, Feroxbuster
  • Programming Languages: Python, Bash, C, C++
  • Active Directory Pentesting (Enumerating forests, exploiting interdomain relationships, using tools like Mimikatz, Rubeus, Bloodhound.
  • Mobile application penetration testing using Android Debug Bridge, MobSF, Burp Suite, Drozer. Both Linux and Windows privilege escalation techniques (DLL hijacking, Unquoted service path exploitation, misconfigured SUID, etc.)

Publication Highlights

2022 - Khagan Karimov. ”Cyber threats concerning Programmable Logic Controllers: Key Infrastructure Protocol”(Diploma Thesis). III International Scientific Conferences of Students and Young Researchers.

2021 - Isa Jafarov, Khagan Karimov, Yagut Shakizade, Sanan Hasanov. ”Security issues of Modbus Industrial Communication Protocol”. II International Scientific Conferences of Students and Young Researchers..

Awards & Certifications

  • II Place in University Entrance Exam - Presidential Scholarship