Gábor Funk

afghangoat@proton.me | afghan_goat | github.com/afghangoat

Summary

Dedicated my time to penetration testing since 2018. Built scalable whistleblower SaaS which are used by the 30 largest Hungarian companies. Helped finding a bug, which allowed the registration of .gov domains without proper identification. Helped finding multiple zero-day exploits in the Windows 10 and Windows 7 operating systems. Helped identifying malicious trojan code in softwares.

Experience

Backend security analyst

From 2020. 05. 05. – 2023. 02. 01.

Afghan Goat Development

Budapest, Hungary

• Developed anti-cheats for multiplayer games. Sandblasters and Political fight uses my anticheat.
• Helped fixing security issues in PHP codebases, such as the forum of afghangoat.hu.
• Created a no-logging chat application which uses maximum security to transfer data.

Projects

I performed extensive documentation for all 300+ of my own project and SaaS projects. You can see them at https://afghangoat.hu/docs/site/index.html in a markdown format. You can also find mirrors for downloads there.

Open-Source projects

Jan 2014 – Present

• SCHiz-OS: My self-made 32-bit operating system with a custom bootloader, kernel, filesystem support, multiple language support and with a basic shell system.
• Bitfuscator: An advanced obfuscation tool which you can use to obfuscate your code in 16 supported programming languages!
• Webshop scraper: A web app which helps you scrape data from Joomla webshops.
• Crawler tarpit: A tool which helps to protect your site from non-ethical scrapers by giving them useless data which looks like useful data. Visit it at your own risk: https://afghangoat.hu/the_pit/ (expect high CPU usage)
• Exploiter madness: A tool which punishes those who try to exploit phpmyadmin, wpadmin and other sensitive pages by serving a bunch of ads and uses resources.
• SEO analyzer: An online tool which gives you critical information about how to optimize your website. Completely free.
• Sand blasters: Made the multiplayer and security component of the game. (WIP) Multiplayer server is available upon request.
• Cybersec research: Private cyber thread research. Available at request.
• Interactive portfolio: A 3D portfolio showcasing my skills. Check it out at https://afghangoat.hu/me.
• You can check out the live demos and source codes at https://afghangoat.hu!

SaaS projects

Jun 2025 – Present

• Designed and built the backend infrastructure of a private whistleblower system.

Education and training

B.Sc. in Computer Engineering, Budapest University Of Technology And Economics - GPA: 4.0 - KI: 5.0 - Expected date: 2027

Hungarian Advanced IT Matura Exam - 98%, (Equivalent to an advanced IT certification) - 2024

Hungarian Mathematics Matura Exam - 96% - 2024

ICDL Standard certificate - 2023

Logischool Python Institute Certificate - 2019

Effective Security Operations and Infrastructure Defence - Aston University (Innovacybridge), 2025

Strategic Cyber Security Governance and AI Integration - Aston University (Innovacybridge), 2025

Human-centric Security and Organisational Resilience - Aston University (Innovacybridge), 2025

Intelligent Threat Detection, Forensics and Response - Aston University (Innovacybridge), 2025

Effective incident Management and Response - Aston University (Innovacybridge), 2025

IPv6 education (basic) certificate - Hurricane Electric, 2026

Relevant coursework: Programming in C, C++ and Java, Computer architectures, Operating systems, Embedded systems, Introduction to computer science.

Achievements

• (2025. 02. 15.) Passed competitive pre-exam (top 1%) allowing me to skip half a year of university programming curriculum.
• (2025. 10. 16.) TechTogether 1st Place - Hepenix Task: Designed and prototyped a robotic manipulator system capable of operating in a simulated nuclear reactor pond environment, focusing on team cooperation, precision actuation and safety-critical control.
• (2025. 10. 16.) TechTogether special prize - Hepenix Task: Awarded by making new and detailed models for the pond manipulator. Achieved via heavy team cooperation.
• (2021) Found the exploit which allowed the unidentified users to register .gov domains.
• (2020) Found 2 zero-day exploits in the Windows 10 and Windows 7 systems.
• (2023. 12. 20.) Case of the thinky game jam placement: Managed to make a 3D detective game while fitting in environmental storytelling and a bunch of puzzles.
• (2023) 30th - Hungarian national CTF competition: Helped my team crack obfuscated C++, Javascript and Python code. We joined late, but we still cracked all the obfuscation based tasks.
• (2026. 05. 16.) TechTogether 5th Place - Participated in a subtask of TechTogether to help Suborbitals team achieve a higher score. The challenge was given out by msg Plaut. We needed to design and fit a neural network to identify malicious packets and make the model perform on a certain level.
• BME scholarship - 2024, 2025, 2026

Technical skills (familiarity)

Foreign Languages

• Fluent English
• Fluent Hungarian
• Conversational German

Publications & Books

Beginners guide to obfuscation in C and C++.

A book which covers the most common security flaws, PHP developers leave in the code and introduces fixes for them.