Dan Herlihy

Hacker
Full-Stack Developer
_____________

About Me

Hello! My name is Dan Herlihy. I currently work as a Forward Deployed Software Engineer at Palantir Technologies. I help one of the largest utility companies in North America reduce wildfire risk and build resilient electrical grids. Before Palantir, I was an ethical hacker for a cybersecurity consulting firm and before that I served as Technology Director for the largest student-run philanthropy in the world. My areas of interests include application security, automation, and user experience design.

My work across multiple disciplines has given me skills and insight that I apply to all my pursuits to create the best possible outcome for clients and end users. I incorporate security first into all of my projects because I've seen first-hand how easy it is to break insecure designs. I've worked with wide scales of data systems from niche side projects to capturing billions of points of sensor data every day. I enjoy automating repetitive tasks for work and personal benefit. I believe that security does not have to come at the price of usability.

I feel the most accomplished when I'm able to work on projects that benefit others. That's why I make my projects open source when feasible and why I volunteer my time to causes I'm passionate about. With everything I work on, I hope to leave it better than I found it.

Headshot of a smiling, handsome man

Languages

Python
JavaScript
SQL
HTML
CSS
Java
PHP
C#
Rust
C/C++

Frameworks

Django
React
TypeScript
Serverless icon Serverless
Sass
Vue.js
Laravel
Android

Tools

Docker
Apache Spark logo Spark
Burp Suite logo (A box with a jagged line running vertically through the center). Burp Suite
Nmap logo (An open eye) Nmap
Amazon AWS logo AWS
Terraform
Ansible
webpack
Git
LaTeX

Experience

Palantir Technologies

New York, NY

Forward Deployed Software Engineer

2021 — Present

Design and build operational workflows to help a large North American utility company make efficient grid design decisions.

Integrate geospatial data from disparate source systems and prepare them for end-user consumption through optimized data pipelines.

Lead client training sessions to build up developer skills and help them become self-sufficient with our products.

Security Risk Advisors

Philadelphia, PA

Threat Assessment Consultant

2018 — 2021

Conducted security assessments of web applications and corporate networks for clients in the Fortune 1000.

Designed and executed next-gen spear phishing and social engineering campaigns that bypass 2FA and simulate a skilled adversary.

Developed new tools to improve the speed and accuracy of our preparation, reconnaissance, and reporting, including Microsoft Office plugins and Burp Suite extensions.

THON

University Park, PA

Technology Director

2019 — 2020

Responsible for the technical needs of an $11 million philanthropy with over 16,000 student volunteers.

Spearheaded a transition from GSuite to Office 365 for 350 individuals.

Coordinated 22 individuals across 6 development teams consisting of project managers, systems admins, and developers for several large-scale websites.

THINK Project Manager

2018 — 2019

Led a team of five developers in maintaining current systems and designing new features with agile methodology.

Implemented finance tracking systems which hold the distribution of over nine million dollars among hundreds of organizations.

Dash Developer

2017 — 2018

Developed Dash, a Django application which allows THON volunteers to hold multi-day events with over 22,000 unique spectators.

Replaced legacy software by redesigning the database structure and logic of core applications to allow for easy growth in the future while bringing the project into compliance with industry standards.

Projects

A partially-solved logic puzzle. The final image appears to be a fish.

Nonograms

Nonograms is a single-page application built to create and share logic puzzles called nonograms. I built this site as a way to familiarize myself with the principles of React and TypeScript. The puzzles are encoded into the URLs, so no information needs to be saved server-side. The project is currently hosted on S3 behind CloudFront.
Globe Visit Site
GitHub logo View on GitHub
React
TypeScript
Sass
webpack
Docker
Amazon AWS logo AWS
GitHub Actions
A screenshot of dash.thon.org.

THON Weekend Dashboard

The THON Weekend Dashboard (Dash) is an event management system for the Penn State Dance Marathon. It is responsible for controlling access to the building and the event floor was well as managing other logistical aspects of the event. Throughout the 46-hour event, it handles hundreds of simultaneous users and over 25,000 spectators.
Django logo Django
Python
Vue.js
Docker
Amazon AWS logo AWS
Travis CI
Text that says 'Django + SAML' with a lock icon

python3-saml-django

Python3-saml-django is a Python library built to allow developers to quickly and easily integrate SAML-based authentication into Django projects while also being highly configurable. This library was built when THON sites were moving to SAML-based SSO and I was unhappy with the current offering of Django and SAML libraries. At its heart, this project wraps OneLogin's python3-saml library to expose SAML bindings while adhering to Django conventions.
GitHub logo View on GitHub
Django logo Django
Python
Docker
PyPi logo PyPi
GitHub Actions
A plate of cookies resting near a laptop with the Burp Suite logo in the corner.

Burp Load Balancer Cookie Scanner

Many companies use Big IP or Netscaler load balancers. In order to ensure requests are forwarded correctly, these load balancers set cookies that contain encoded IP addresses. This Burp extension searches for these cookies and decodes them into the destination IP address and port.
GitHub logo View on GitHub
An icon of a piece of paper with the top right corner folded down. Read More
Java

Certifications

Contact

GitHub logo Twitter logo LinkedIn logo Sealed envelope