David Fegyver

davidfegyver.hu | HackerOne | GitHub | [email protected]

Profile

19-year-old cybersecurity enthusiast and bug bounty hunter with 4+ years of hands-on security experience. Currently a freshman in Computer Science BSc at ELTE. Skilled in offensive security, vulnerability research, and reverse engineering across web, mobile and hardware platforms.

Experience

Bug Bounty Hunter @ HackerOne

(2019 – Present)

• Reported 200+ valid vulnerabilities across web, mobile, and infrastructure targets.
• Secured 20+ programs mainly in finance, healthcare, gaming, and government sectors.
• Personal favorite focus areas:
  • Web: .NET, PHP, J2EE applications.
  • Android: Dynamic analysis with Frida; reversing Java, C# Mono, and IL2CPP binaries
  • Hardware: Explored legacy hardware, microcontrollers and communication protocols
    • Worked with MRI machines, rental bikes, and more

CTF Player @ Team Hungary

(2024 – Present)

• Finalist at CyberQuest CTF 2024 (Óbuda University)
• 2nd place (Junior) in Hungarian Cyber Security Challenge 2025
• Selected to represent Hungary at the European Cyber Security Challenge 2025

Penetration Tester @ Silent Signal Kft.

(Oct 2023 - Feb 2024)

• Conducted professional web application penetration tests and delievered detailed reports.
• Assisted in developing internal pentesting methodology, suggested new tools and techniques.

Security Research

• Researched the OutSystems low-code platform, identifying multiple vulnerabilities affecting retail and government bug bounty programs.
• Authored Nuclei templates for public CVEs and personal findings, enabling large-scale automated vulnerability discovery.
• Developing Kupak, an AI-driven web application exploration agent for reconnaissance on new penetration testing targets.

Projects

• CanSat: Designed ESP32-based hardware and software with LoRa communication, multi-sensor integration, secure telemetry and data storage.
• Experimenting with Software Defined Radio (SDR) to analyze wireless protocols and communicaton methods.
• Reverse engineered and preserved legacy systems:
  • Extracted software from a 486-based SBC under strict hardware limitations
  • Reversed MS-DOS Turbo Pascal betting game software, emulating hardware dependencies

Languages

• Hungarian – Native
• English – C1 (Professional working proficiency)
• German – B2 (Limited working proficiency)