10 years of experience in .NET/C#

• Experience with Windows Forms, WPF, MVC 5-6, Web Forms and Web API, gained through personal projects since the age of 13.
• Extensive knowledge of Test-Driven Development via leading unit test libraries, such as NUnit and MSTest.
• Extensive experience with various development tools, used to:
  • profile and analyze unit test coverage, such as dotCover;
  • profile, detect and mitigate memory leaks, such as ANTS Memory Profiler and dotMemory;
  • profile, detect and mitigate performance bottlenecks, such as ANTS Performance Profiler and dotTrace.
• Various short-term hobby projects along the time driven by the desire to learn and experiment in various fields, thus expanding my experience and increasing my knowledge of various algorithms, frameworks, and my programming ability as a whole.

8 years of experience in C/C++

• Extensive use of the UI libraries Qt and MFC.
• Experience with cross-platform software development on Windows, Linux, FreeBSD and Mac OS X platforms, including usage of OS-specific component implementations, such as differing network stacks on the lowest level.
• Usage of qmake, CMake (and its components CPack and CTest) to build, test and package software for distribution on multiple platforms.
• Unit-testing with Boost.Test and Google Test, including mocking with Google Mock.
• Experiments with massively parallel systems, such as OpenCL and nVidia’s CUDA, which are GPU-backed languages. Frequent use of OpenMP and projects with MPI.
• Experience with NSIS, InnoSetup, and WiX, including scripting of custom methods.

12 years of experience in HTML, CSS, JavaScript, PHP and MySQL

• Up-to-date knowledge of HTML 5, CSS 3, PHP 7/Hack, JavaScript, and SQL as of today.
• Extensive knowledge in the use and production of REST APIs, OAuth, OpenID and SOAP, also having experience in data-interchange formats, namely: JSON, XML, Google Protocol Buffers, BSON, and various others.
• Knowledge of various SQL flavors, in order of skill level: MySQL, SQLite, Oracle, PostgreSQL and Microsoft SQL Server.
• Extensive knowledge of optimization and caching mechanisms, including the optimization of relational databases (query plans, indices, complexities, …), key-value stores (such as Redis and memcached). Multi-tiered caching systems, utilizing the aforementioned technologies, with a fallback to file-based LRU caches. Brief exposure to document stores, namely MongoDB and CouchDB.
• Extensive exposure to dedicated search servers, namely ElasticSearch and Sphinx, including both their programmatic use and proper server configuration.
• Experience with jQuery, semantic web and dynamic webpages, utilizing AJAX and JavaScript ”MVW” frameworks, namely Angular.js.
• Experience with Bootstrap, and grid-based fluid and responsive web design.
• Familiarity with Model-View-Controller (MVC) architectures.
• Extensive experience with test-driven development via PHPUnit, and the use of various development tools, such as performance profilers and remote debuggers, namely XDebug.
• Experience with both horizontal and vertical scaling of both databases and codes.
• Familiarity with the integration and implementation of various payment gateway processors, such as PayPal IPN, Stripe, and Bitcoin RPC.
• Intricate knowledge on the security front, and up-to-date on the 0-day scene. While programming, I have a security- and optimization-focused mindset.

8 years of experience in Unix-like systems (Linux, BSD)

• Extensive knowledge of the Linux ecosystem as of today. Personally owning and administering multiple production and staging servers, while providing support for others on an incident-response basis.
• Early adopter on multiple fields, including IPv6, having been participated in the private beta of the IPv6 deployment of both RDS&RCS and Dreamhost. The configuration and use of IPv6 networking was the primary reason to stay with OpenWRT-flashed routers in the first place, as it was not yet available in consumer firmware due to the low technology adoption rate at the time.
• Tendency to automate tedious processes, by scripting them in the appropriate environment. (Such as shell scripts in Unix and Unix-like systems.)
• Strong Bash scripting experience, including heavy terminal usage, and heavy knowledge of the BSD and GNU userland tools.
• Ability to configure, administer, update and support Debian and CentOS-based systems for various purposes:
  • Web servers: nginx, lighttpd, Apache, with fast and secure configurations, including caching and microcaching techniques, on-the-fly optimization with Google PageSpeed modules; Web Application Firewall security modules, such as mod_security and mod_evasive; proper deployment of TLS according to best practices and high Qualys scores or compliance with PCI DSS 3.1 or NIST SP.800-52r1; load-balanced environments, including various internal architectures and 3^rd-party CDN integration (CloudFlare, Incapsula...)
  • Email servers: exim, Postfix, Dovecot, with proper deployment of current authentication methods for anti-spam such as SPF records, DKIM (DNS records and signing at the mailer daemon level), DMARC (DNS records and interpretation of the incoming reports) and ADSP records.
  • Database servers and various stores: MySQL (and forks, namely MariaDB and PerconaDB), PostgreSQL, Redis, CouchDB, memcached, etc.
  • Search servers: ElasticSearch, Sphinx, with optional content synchronization.
  • Proxies and VPN servers: OpenVPN, L2TP/IPSec, PPTP protocols, through various daemons which the selected distribution recommends, including multi-functional servers, such as SoftEther.
  • Authentication servers: FreeRADIUS, OpenLDAP
  • Type-1 hypervisors: VMware ESXi, Microsoft Hyper-V
  • Experience with hidden services, namely Tor and I2P, including configuring the middleware and securing the servers behind it not to leak personally-identifiable information.
  • Exposure to meshnets, such as the Hyperboria network on the CJDNS.
• Extensive experience with cloud-service providers, namely Amazon AWS, Linode, and DigitalOcean. Exposure to Microsoft Azure services.

Extensive experience in Penetration Testing and Reverse Engineering

• Penetration Testing
  • Up-to-date with security bulletins.
  • Knowledge of Cross-Site Scripting, SQL Injection, Cross-Site Request Forgery and similar techniques from a very young age, around 11 or so.
  • Familiarity with Black, Grey and White Box Penetration Testing methodologies.
  • Experience with vulnerability assessment tools Nessus, Nexpose and OpenVAS, including interpretation of results, vulnerability validation and elimination.
  • Extensive use of penetration testing frameworks and tools such as Metasploit, nmap, tcpdump, OWASP ZAP, Burp Suite, sqlmap, and many others.
  • Familiarity with Web Application Firewalls and Intrusion Detection Systems, techniques to bypass them, and to strengthen them for different purposes.
  • Notified university of being vulnerable to OpenSSL’s heartbleed bug, approximately 5 hours after the public disclosure of the bug.
• Reverse Engineering
  • Experience with disassembling, modifying and reassembling MSIL/CIL, Java bytecode and x86(-64) ASM.
  • Familiarity with the tools and techniques used in reverse engineering, such as:
    • Debuggers: WinDbg, OllyDbg/Immunity Debugger.
    • Disassemblers/Decompilers: IDA Pro, Reflector, JD, amongst others.
    • Various file format/PE analysis tools, packer techniques and anti-virus evasion.

Miscellaneous Technical Skills and Experiences

• Gained deeper insights into various fields pertaining to Computer Science and Electrical Engineering, of whose knowledge were previously vague and/or fragmented:
  • Use of Matlab to solve problems, analyze data, draw in 2D and 3D space, and perform simulations.
  • Knowledge of programming techniques, structures, algorithms and graph theory.
  • Furthered knowledge in the field of relational databases, including relational algebra, database normalization, and so on.
  • Intricate knowledge of the UNIX operating system, and general theories belonging to Operating Systems and computers in general.
  • Introduction to the world of Logical and Functional programming, beginning from the implementation of various algorithms in a recursive way, until the implementation of more complex applications with GUI.
  • Analogue and Digital integrated circuits, Boole logic, Automata theory, finite-state automaton implementations using analogue circuit elements, binary systems, decoders, (de-)multiplexers, mathematical operations, amplifiers, operational amplifiers, counters, mono-/bi-stables, registers, and memory types.
  • FPGA programming, including implementation of state-machines using either or both VHDL programming and/or schematic design of circuit elements and gates.
  • Microcontrollers, such as PIC and Atmel programmed in ANSI C. Intricate knowledge of the inner workings of a microprocessor thanks to Microcontroller Design, Computer Architecture and Assembly Language classes.
  • Built a fully working CPU in FPGA from scratch for a class assignment.
  • Gained deeper insight into the automation of SCADA systems and networking in cars, including the CAN protocol and the CAPL programming language in a special course taught by Continental AG.
  • Learned the advanced parts of Artificial Intelligence via the related courses, which were then later put in practice via several extracurricular projects.
  • Furthered knowledge in the field of networking by embarking on a journey to study the intricacies of various networking protocols as an extracurricular activity, by writing a WiFi packet capture software that also analyzes the received data.
• Screen-Scraping
  • Strong knowledge of regular expressions and XPath.
  • Complicated setups involving scripts that circumvent anti-screen-scraping measures, even to the point of OCR-ing the Captcha, when it is weak enough, otherwise using the human-powered services available on the markets.
• Search Engine Optimization
  • Google Panda-tailored optimizations that have proven their legitimacy throughout the various websites I operate.
• Version Control Systems
  • Extensive use of git nowadays.
  • Previously used SVN.
  • Familiarity with other VCSs, such as Mercurial and CVS.
• Continuous Integration
  • Experience with CI through usage in open-source projects.
  • Familiarity with the set-up and usage of Jenkins and Travis CI.
• Self-teaching is an important part of my lifestyle. I try to keep up with the ever-evolving technologies of today.
  • I constantly try out new languages, new technologies and new practices. I constantly go back and re-do old projects, with a twist, and I challenge myself to do it much better this time, by setting much higher goals.
  • I read research papers, 0-day bulletins and other sources of information that let me be ahead of the competition.
  • I am not afraid to take initiative, and to color outside of the lines. I don’t mind to get my hands dirty to try something out, let it be DoS-ing my own server in order to try out if an optimization technique or security practice did indeed work.
  • I also watch conference videos (such as DefCon, Black Hat, etc) and tech-talks (such as Microsoft’s GoingNative, and much more) in order to get an edge in their specific fields.
• When writing code, I focus on simplicity, code-maintainability, optimization and security.
• Communication skills gained through regular business and social interaction with clients and fellow developers.
• Presentation skills acquired by frequently giving presentations about various topics to varying audiences.
• Organizational/Managerial skills accumulated over time via superfluous scheduling and prioritizing to meet business and educational deadlines.
• Fluency in English, Hungarian and Romanian.

Curriculum Vitæ