How I became a white-hat hacker

Attila S. Szilagyi One of our clients wanted to archive a huge amount of data from a legacy application before they shut it down, but they had no built-in tools, admin rights, or physical access to the server, so they asked me to hack in to their own system.

In an enterprise vulnerability assessment and penetration testing an ethical hacker identifies the critical deficiencies in the client's systems.

Of course no client would be happy when I find some vulnerabilities in their application, but in this case it was for their good. The solution which I developed after my tests, proved to be useful, so that all the data they wanted out could be archived in time.

Increasing knowledge and expanding opportunities entail growing responsibilities.

For the sake of my clients by getting familiar with how to harmlessly attack different information technology systems I became more capable guarding my own applications against the malicious attempts by preventing common mistakes during development.

Dev Drops

Development projects, moments, name­cards, memories.
Victofon Kft. – the World in Your ears

ViFi – Victofon Fitting – medical-electronics manufacturing and fine-tuning system

Desktop solution for Victofon Ltd. used by medical experts and audiologists throughout the country to fine tune digital hearing aid devices and to fit them to the personal needs and hearing loss of hearing impeared patients. I re­designed the Windows® application according to object oriented programming principles and enhanced its functionality with new fitting algorithms, ability to program improved amplifier circuits and a multi-language user interface. On its code basis I developed a related solution called VMS – Victofon Manufacturing System which is used in the factory to initialize the digital chips of the newly produced devices and to measure the characteristics of the assembled parts in an acoustic chamber and to automatically adjust their parameters (C#, VB.Net, SQLite).

HVG-ORAC Newspaper and Book Publisher Ltd.

HVG-Orac – Portal administration, content management application and online store

Online editorial system for HVG-Orac Publishing Ltd. based on MicrosoftTM .Net technology includes a full automated processing of the EU legislation fetched from the Official Journal of the European Union daily and integrate it into the company's online legal service. The process converts the downloaded files and documents and dissects their content interpreted by the self-learning analyzer algorithm and merged into the data center with auto-generated detailed index. The editors can review and edit the data before publishing. The linked frontend offers an up-to-date issue explorer and a detailed search tool of the database content and allows visitors to purchase publications and to book for advertised events (C#, MS SQL Server, Html, XML, PDF, JavaScript).

Iparihirek.hu – Gőzfejlesztés és Mosodatechnológia

Iparihirek.hu – industrial news webportal and B2B marketing toolkit

The interactive industrial news site operated by market leading Austro-Hungarian steam boiler and laundry equip­ment distributor company Bepatek Ltd. is running on an open-source integrated content management engine (Joomla), which I customized to the customer needs and complemented with some custom made modules (eg: Automated Newsletters) developed by me (PHP, HTML, CSS, JavaScript, MySQL).

BADAR® – Business Administration Database management Analyser and Reporting system

BADAR® – Business Administration Database Management Analyser and Reporting System

The BADAR® application suite is an integrated SAS and CRM system, which includes the process-, project- and digital document management func­tional modules as well. To integrate word processing and spread­sheets capabilities into the Windows® desktop client, and to implement bulk-mailing and exporting reports to different document and file formats in the server services I chose to use the open source API of the Open­Office.org soft­ware package (C#, VB.Net, MS SQL).

Additional projects

  • Hungarian National Postal Services (posta.hu) – B2B solution, client and webservice software development. Server and client business logic, server data access layer, client UX and UI. Consulting, designing, programming, testing, bug-fixing, creating user and developer manual, providing support (C#.Net, WPF, Telerik, WCF, SQLite).
  • Lagardere Services SAS (www.lagardere-services.com) – Development of an online shipment tracking and multi-warehouse express logistics system. Design and implement in-warehouse logistics IT functionality: reception, sorting, branching, shipment and routing, inventory, stock-taking and discrepancy handling of deliveries and containers in online server-client webservice application. Execution of unit- and load tests, improve network and query performance, deployment, bug-fixing, remote support (C#.Net, WinForms, WCF, MS SQL Server).
  • Radar HMI képernyőkép Pro Patria Electronics Inc. (propatria-inc.com) – Development of a special integrated surveillance and homeland security system. Engineer Interface Requirement Specification of unified communication protocol of ADAMS and design Pro Patria Sensor Manager Server. Develop class libraries to control radar and optical devices (C# .Net, 3rd party DLLs). Develop business logics of Pro Patria Sensor Control Interface graphical client (C#.Net, Direct-X, OpenGL, WPF).
  • Siemens AG. (siemens.de) – Developing integration test tool for the company's new multi­platform industrial automation framework: defined test cases, designed communication interface protocol specification, developed server and client business logic, deployment, testing, bug-fixing, user and developer manuals (C++, Qt, C#, N-Unit).

Hobby projects

  • Sz. Sz. Sz. R. – Windows desktop invoicing software for small businesses and freelancers (C#, SQL).
  • Simple Alarm Remote Controller – SMS based Android mobile application to remotely control compatible home alarm systems (java)
  • Budapest Mobile Parking – SMS based Android mobile application to pay parking fee in selected zones (java)

Contact

Attila Sandor Szilagyi