Welcome

I'm Tran Hung

Fullstack Developer

Web/App Penetration Tester

Tran Hung

Fullstack Fintech Developer | Pentester

I am a passionate software developer actively pursuing a career in the fintech industry, with 3 years of experience in development and 2 years in web/app security, all focused on fintech projects. My expertise includes building cryptocurrency trading platforms, automated trading bots, and smart contracts, along with conducting security audits and penetration testing for financial web and app services. I am committed to delivering secure, high-performance fintech solutions.

+84789978995
 Ho Chi Minh City, Vietnam

My Skills

NodeJS (Express, NestJS)
90%
Golang
70%
Python
85%
Solidity
80%
ReactJS, Redux
80%
Microservices, Distributed Systems
80%
Core Trading Platform
90%
Redis, Nats, Kafka, Mongodb, MySQL
90%
Web/App/Smart Contract Security
85%
HTML/CSS, Tailwind
80%

Experience

  • 4/2023 - Current
    Fullstack Development
    At Nami Foundation

    - Passionate developer with experience in building high-performance systems for cryptocurrency trading platforms, automated trading bots, and blockchain technology applications. Proficient in multiple programming languages, including NodeJS, Golang, Python, Solidity, as well as frameworks like NestJS and ReactJS.

    • Cryptocurrency Trading Platforms:
      • Development of a cryptocurrency exchange (CEX) featuring spot and swap services (NodeJS, ReactJS).
      • The order system supports market, limit, stop, and OCO order types.
      • Developed data feeds for trading, including market watch, depth book, trades, and integration with TradingView.
      • Built a content management system.
      • Robust Matching Engine: Developed with Golang to bring powerful performance and speed to the order matching system. Benchmarked at 111,698 TPS on a VPS server with shared Intel 4-core CPU and 8GB memory.
    • Automated Trading Solutions:
      • Developed and integrated trading bots for multiple exchanges.
      • Built market maker algorithms to control asset prices according to market conditions.
    • Web3 and Blockchain:
      • Implemented on-chain solutions for Ethereum, BSC, and Solana.
      • Facilitated blockchain transaction scanning, deposits, and withdrawals.
    • Data Management and Analytics:
      • Designed and executed marketing data aggregation systems.
      • Integrated user journey tracking and transaction statistics to enhance operational insights.
    • Security Expertise:
      • Conducted web application pentesting and smart contract audits, ensuring robust security practices and defense in depth.
      • Led a workshop on the KyberSwap Elastic exploit, sharing valuable insights into smart contract vulnerabilities with peers.
    • Microservices and Advanced Technologies:
      • Experienced in deploying microservices architecture.
      • Utilized advanced technologies such as Docker, Kafka, Redis, NATS, and distributed system models to build scalable and efficient applications.
      • Dedicated to continuous learning and implementing industry best practices in finance development.
  • 9/2022 - 4/2023
    Personal Project Development
    • Web3 Development & Blockchain:
      • Booking Care Dapp: Created a decentralized application for booking healthcare services, leveraging blockchain technology to facilitate payments for services.
      • Charity DAO App: Designed a decentralized autonomous organization application to streamline charitable donations and governance through smart contracts.
      • NFT Marketplace: Developed a platform for minting, buying, and selling non-fungible tokens.
    • Security Project:
      • Web Vulnerability Scanner: Engineered a tool to identify and assess security vulnerabilities in web applications, enhancing the overall security posture.
  • 2/2021 - 2/2023
    Web/App Pentester
    At Techlab Corporation

    - Security specialist with 2 years of experience in web and mobile app security, with a focus on the financial sector.

    • Banking Security: Tested over 10 web and app banking projects, identifying and mitigating vulnerabilities in line with OWASP standards.
    • Expertise: Experienced in blackbox testing, code auditing, and cryptography (AES/RSA).
    • Proficient in Security Tools: Skilled in using a variety of security tools, including Burp Suite, Acunetix, Frida, Jadx, APKTool, Android Debug Bridge (ADB), and more.

Education

  • 9/2018 - 9/2022
    Information Assurance
    at FPT University

    Here, I have learned, practiced and achieved high achievements in subjects such as: Programming C, Java, Java OOP, Desktop Java Application, HTML, CSS, Javascript, Python, Database Systems, Data Structures and Algorithms, Networking, Web Security, Database Security,...

Service

What can i do?

Fullstack Fintech Development

Creating, building, and maintaining of trading platform

Dapp Development

Build decentralized applications that run on a decentralized peer-to-peer network

Tool Development

Build utility tools for data/file processing, pen-testing, ...

Web/App PenTesting

Simulating attacks a web/app with the purpose of determining whether a system is secure.

Portfolio

See my work

Trading Backtest

Python

Booking Care Dapp

NodeJS, ReactJS, Solidity

Charity DAO App

ReactJS, Solidity

NFT Marketplace

ReactJS, Solidity

Web Scanner

Python, Web Security

FunChat with NodeJS, ReatJS, MongoDB, WebSocket is coming soon

Extra skills

What can I work with?

  • Microservices
  • NestJS
  • Kafka
  • Nats
  • Redis
  • HTTP
  • WebSocket
  • Window
  • Linux
  • Github
  • Gitlab
  • MongoDB
  • MySQL
  • MSSQL
  • SQLite
  • PostgreSQL
  • ORM
  • AWS
  • Postman
  • Bootstrap
  • SCSS
  • Docker
  • Dbeaver
  • VMWare
  • End-to-end encryption
  • Vscode
  • Pycharm
  • OpenZeppelin
  • Ganache
  • Truffle
  • Cryptography
  • Burp Suite
  • Acunetix
  • Frida
  • Jython
  • Jadx
  • APKTool