Overview

This project involved engineering a sophisticated automation bot designed to secure visa appointments, a highly competitive and time-sensitive process. Developed for a visa agency, the bot navigates complex booking workflows, overcomes significant anti-bot measures on both legacy and new embassy platforms, and operates with high reliability under strict time constraints, demonstrating advanced automation and system integration capabilities.

Key Technologies

• Backend: ASP.NET Core, C#, Quartz.NET, FluentValidation
• Frontend: React, React Router
• Browser Automation Service: Node.js, ExpressJS
• Browser Automation Lib: Puppeteer (via PuppeteerRealBrowser)
• Cloudflare Bypass: Custom "Unflare" Solution
• Database: PostgreSQL with Entity Framework Core (EF Core)
• Mobile Integration: Android (Java), Custom SMS Forwarding App
• External APIs: Gmail API
• Infrastructure & DevOps: Docker, Kubernetes (K8s), GitHub Actions (CI/CD)

System Architecture and Implementation

The system employs a hybrid backend architecture. The core orchestration, scheduling, student management, and admin panel functionalities are built with ASP.NET Core, utilizing a pragmatic Layered Architecture suitable for its request-heavy and integration-focused nature. Asynchronous scheduling is managed by Quartz.NET, triggering bot operations precisely at 10 AM every Monday and Wednesday.

For interacting with the newer, Cloudflare-protected embassy website, a dedicated service was developed using ExpressJS. This service leverages PuppeteerRealBrowser for robust browser automation. The ASP.NET Core application communicates with this ExpressJS service to delegate browser automation tasks.

Legacy Site Automation: For the older embassy site, which doesn't have Cloudflare protection, the bot uses direct HTTP requests via Flurl library. It performs crucial pre-computation steps: validating unique residential proxies (IP Royal), pre-authenticating users, solving CAPTCHAs in advance, and fetching necessary security tokens before the booking window opens. This preparation enables ultra-fast booking execution the moment appointments become available, often within a 5-second window.

New Site Automation & Cloudflare Bypass: The newer site required a different approach due to Cloudflare protection. Browser automation via Puppeteer was necessary. Critically, a custom Cloudflare bypass solution that I named "Unflare", was developed to reliably obtain the necessary Clearance tokens, overcoming limitations and lack of publicly available tools. The bot also handles the site's multi-factor authentication, integrating with the Gmail API for email verification codes and a custom Android application for SMS OTPs.

Admin Dashboard Frontend

An administrative interface was developed using React to provide operational control and visibility. Utilizing React Router for navigation, this dashboard allows the visa agency staff to manage student data, configure additional bot execution schedules (managed by Quartz.NET on the backend), and monitor the overall status of the automation processes.

Key Features & Innovations

Custom Cloudflare Bypass ("Unflare"): Developed Unflare to defeat Cloudflare's anti-bot measures, demonstrating deep understanding of web security techniques.

Multi-Factor Authentication Automation: Seamlessly handles both email (via Gmail API) and SMS OTP verification. The SMS part involved rapidly developing a custom Android SMS Forwarder application, using Java, which listens for specific embassy messages and relays the OTP code to the backend, associating it with the correct user via their email address entered in the app.

High-Speed, Time-Critical Execution: Optimized workflow for legacy site interaction, involving pre-computation and rapid-fire requests to maximize booking success within extremely short timeframes, usually less than 5 seconds.

Reliable Proxy Management: Implemented robust selection and pre-validation checks for proxies to ensure dependable operation during critical booking periods.

Deployment Automation and Infrastructure

Standard modern DevOps practices were utilized. A CI/CD pipeline in GitHub Actions automates building, containerization, and deployment. ASP.NET Core application, the ExpressJS automation service and the frontend are packaged as Docker containers. These containers are deployed and managed within a Kubernetes (K8s) cluster, ensuring scalability and resilience for the bot's operations.

Conclusion

This Embassy Appointment Bot project showcases the ability to engineer complex automation solutions tackling significant real-world challenges like high-frequency trading-like competition and advanced anti-bot systems. It highlights expertise in hybrid backend architectures (ASP.NET Core + Node.js), sophisticated browser automation (Puppeteer), development of custom security bypass techniques (Unflare solution), cross-platform integration (Web backend + Android), responsive user interface development (React), and reliable asynchronous task scheduling (Quartz.NET). The successful implementation demonstrates strong problem-solving skills and proficiency across multiple technologies and modern DevOps workflows (Docker, Kubernetes, CI/CD).