How I became a white-hat hacker

Attila S. Szilagyi In most cases becoming and being a hacker is far more boring then it is presented in the movies: this is just another profession anyone can study in school — and I did. What is really exciting though, is the digital-technological revolution we just experience in our days. Current scientific breakthroughs have made possible self-flying drones, 3-D printing, virtual assistants and virtual reality. And yet a lot is going to be revealed: the Internet of Things, autonomous vehicles, nanobots and quantum computing – just to name a few. Tiny smart mobile devices and heavy cloudy services have already changed the way we communicate, interact and cooperate with each other. Increasing knowledge and expanding opportunities however entail growing responsibilities.

Security first

Increasing knowledge and expanding opportunities however entail growing responsibilities.

Every solution I develop and each system I design aims to process sensitive business data or private personal user information which must be protected from any damage or unwanted leakage. Or it controls digital electronic systems which of course hold enormous financial value to their owners and operators.

Many of the websites I created and administer have been attacked by malicious third parties. Quite a number of database and system restores I coordinated after some electrical black-outs and hardware casulties. I have dealt with military and national defense systems, in fact I was even honored to take a small part developing the successor of the industrial automation framework used in nuclear plants attacked by the StuxNet worm.

And of course in my private life and professional collaboration I rely on other's highly sophisticated works to attain online banking and procurement, and store, synchronize and distribute corporate data, and publish news or exchange any kind of information packed in different types of media.

So I need to understand the threats and shields of online privacy and system security. That's why after fifteen years of working as a software developer I went back to school to attend a training course on ethical hacking ( CEH ) held by my University and supervised by EC-Council to become an expert and get certified in corporate penetration testing.

In an enterprise vulnerability assessment and penetration testing an ethical hacker identifies the critical deficiencies in the client's systems.

By getting familiar with how to harmlessly attack different information technology systems I became more capable guarding against the malicious attempts by preventing common mistakes when developing my own applications.

Call to action

By getting familiar with how to harmlessly attack different information technology systems I became more capable guarding against the malicious attempts by preventing common mistakes when developing my own applications.

Ethical hacking — this profession did not merely exist just fifteen years ago. And its knowlegde base is growing day-by-bay requiring its occupants to never stop learning. Anyhow, if You share my passion for information technology, want to keep Your digital life intact, like achieving meaningful goals, strive for perfection and want to make this world a better place for everyone, then do not hesitate to reach out for the white hat. Put it on.

Dev Drops

Development projects, moments, name­cards, memories.
Victofon Kft. – the World in Your ears

ViFi – Victofon Fitting – medical-electronics manufacturing and fine-tuning system

Desktop solution for Victofon Ltd. used by medical experts and audiologists throughout the country to fine tune digital hearing aid devices and to fit them to the personal needs and hearing loss of hearing impeared patients. I re­designed the Windows® application according to object oriented programming principles and enhanced its functionality with new fitting algorithms, ability to program improved amplifier circuits and a multi-language user interface. On its code basis I developed a related solution called VMS – Victofon Manufacturing System which is used in the factory to initialize the digital chips of the newly produced devices and to measure the characteristics of the assembled parts in an acoustic chamber and to automatically adjust their parameters (C#, VB.Net, SQLite).

HVG-ORAC Newspaper and Book Publisher Ltd.

HVG-Orac – Portal administration, content management application and online store

Online editorial system for HVG-Orac Publishing Ltd. based on MicrosoftTM .Net technology includes a full automated processing of the EU legislation fetched from the Official Journal of the European Union daily and integrate it into the company's online legal service. The process converts the downloaded files and documents and dissects their content interpreted by the self-learning analyzer algorithm and merged into the data center with auto-generated detailed index. The editors can review and edit the data before publishing. The linked frontend offers an up-to-date issue explorer and a detailed search tool of the database content and allows visitors to purchase publications and to book for advertised events (C#, MS SQL Server, Html, XML, PDF, JavaScript).

Iparihirek.hu – Gőzfejlesztés és Mosodatechnológia

Iparihirek.hu – industrial news webportal and B2B marketing toolkit

The interactive industrial news site operated by market leading Austro-Hungarian steam boiler and laundry equip­ment distributor company Bepatek Ltd. is running on an open-source integrated content management engine (Joomla), which I customized to the customer needs and complemented with some custom made modules (eg: Automated Newsletters) developed by me (PHP, HTML, CSS, JavaScript, MySQL).

BADAR® – Business Administration Database management Analyser and Reporting system

BADAR® – Business Administration Database Management Analyser and Reporting System

The BADAR® application suite is an integrated SAS and CRM system, which includes the process-, project- and digital document management func­tional modules as well. To integrate word processing and spread­sheets capabilities into the Windows® desktop client, and to implement bulk-mailing and exporting reports to different document and file formats in the server services I chose to use the open source API of the Open­Office.org soft­ware package (C#, VB.Net, MS SQL).

Attila S. Szilagyi – electrical engineer, software developer, analyst, ethical hacker

Attila S. Szilagyi – electrical engineer, software developer, analyst, ethical hacker

Occupied with system planning, software develop­ment and penetration testing. I'm also a consultant expert on business logistics and industrial automation.

Sz. Sz. Sz. R. Ltd. – Traditional values, modern tools, innovative solutions

Sz. Sz. Sz. R. Ltd. – Traditional values, modern tools, innovative solutions

My small business since 2013 providing web, mobile and desktop application develop­ment, system engineering, trouble­shooting and support, consultation and penetration testing.

Additional projects

  • Hungarian National Postal Services (posta.hu) – B2B solution, client and webservice software development. Server and client business logic, server data access layer, client UX and UI. Consulting, designing, programming, testing, bug-fixing, creating user and developer manual, providing support (C#.Net, WPF, Telerik, WCF, SQLite).
  • Lagardere Services SAS (www.lagardere-services.com) – Development of an online shipment tracking and multi-warehouse express logistics system. Design and implement in-warehouse logistics IT functionality: reception, sorting, branching, shipment and routing, inventory, stock-taking and discrepancy handling of deliveries and containers in online server-client webservice application. Execution of unit- and load tests, improve network and query performance, deployment, bug-fixing, remote support (C#.Net, WinForms, WCF, MS SQL Server).
  • Radar HMI képernyőkép Pro Patria Electronics Inc. (propatria-inc.com) – Development of a special integrated surveillance and homeland security system. Engineer Interface Requirement Specification of unified communication protocol of ADAMS and design Pro Patria Sensor Manager Server. Develop class libraries to control radar and optical devices (C# .Net, 3rd party DLLs). Develop business logics of Pro Patria Sensor Control Interface graphical client (C#.Net, Direct-X, OpenGL, WPF).
  • Siemens AG. (siemens.de) – Developing integration test tool for the company's new multi­platform industrial automation framework: defined test cases, designed communication interface protocol specification, developed server and client business logic, deployment, testing, bug-fixing, user and developer manuals (C++, Qt, C#, N-Unit).

Hobby projects

  • Sz. Sz. Sz. R. – Windows desktop invoicing software for small businesses and freelancers (C#, SQL).
  • Simple Alarm Remote Controller – SMS based Android mobile application to remotely control compatible home alarm systems (java)
  • Budapest Mobile Parking – SMS based Android mobile application to pay parking fee in selected zones (java)

Contact

Attila Sandor Szilagyi