daviiid's resume

## David Fegyver [davidfegyver.hu](https://davidfegyver.hu) \| [HackerOne](https://hackerone.com/davidfegyver) \| [GitHub](https://github.com/davidfegyver) \| [[email protected]](mailto:[email protected]) ### Profile 19-year-old cybersecurity enthusiast and bug bounty hunter with 4+ years of hands-on security experience. Currently a freshman in Computer Science BSc at ELTE. Skilled in offensive security, vulnerability research, and reverse engineering across web, mobile and hardware platforms. ### Experience #### Bug Bounty Hunter @ HackerOne *(2019 – Present)* * Reported **200+ valid vulnerabilities** across web, mobile, and infrastructure targets. * Secured **20+ programs** mainly in finance, healthcare, gaming, and government sectors. * Personal favorite focus areas: * **Web**: .NET, PHP, J2EE applications. * **Android**: Dynamic analysis with Frida; reversing Java, C# Mono, and IL2CPP binaries * **Hardware**: Explored legacy hardware, microcontrollers and communication protocols * Worked with MRI machines, rental bikes, and more #### CTF Player @ Team Hungary *(2024 – Present)* - Finalist at **CyberQuest CTF 2024** (Óbuda University) * **2nd place (Junior)** in Hungarian Cyber Security Challenge 2025 * Selected to represent **Hungary at the European Cyber Security Challenge 2025** #### Penetration Tester @ Silent Signal Kft. *(Oct 2023 - Feb 2024)* - Conducted professional web application penetration tests and delievered detailed reports. - Assisted in developing internal pentesting methodology, suggested new tools and techniques. ### Security Research * Researched the **OutSystems low-code platform**, identifying multiple vulnerabilities affecting retail and government bug bounty programs. * Authored **Nuclei templates** for public CVEs and personal findings, enabling **large-scale automated vulnerability discovery**. * Developing Kupak, an AI-driven **web application exploration agent** for reconnaissance on new penetration testing targets. ### Projects * **CanSat:** Designed ESP32-based hardware and software with LoRa communication, multi-sensor integration, secure telemetry and data storage. * Experimenting with **Software Defined Radio (SDR)** to analyze wireless protocols and communicaton methods. * Reverse engineered and preserved legacy systems: * Extracted software from a **486-based SBC** under strict hardware limitations * Reversed **MS-DOS Turbo Pascal** betting game software, emulating hardware dependencies ### Languages * **Hungarian** – Native * **English** – C1 (Professional working proficiency) * **German** – B2 (Limited working proficiency)