You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Amaury PetriniAP

Amaury Petrini

Pentester - Cybersecurity Expert

€490/day
19 projects
Lyon, FR
3-7 years
Penetration Testing
PenTest
Ethical Hacking
Security Audit
Cybersecurity

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Amaury

Vice-Champion of France in cybersecurity, Pentester since 2019 with over 200 missions completed for startups, SMEs, and large corporations.

I regularly conduct security audits as part of compliance (ISO 27001, SOC 2, client audits) or before going live.

My missions include:
  • Web penetration tests (SaaS applications, APIs, internal platforms, E-commerce sites)
  • Cloud penetration tests (AWS, GCP)
  • Infrastructure penetration tests (internal networks, Active Directory, Wi-Fi, SCADA Systems)
  • LLM / Chatbot penetration tests
  • External attack surface analysis (public IPs, domains and subdomains, OSINT research)
  • Red Team exercises and phishing campaigns
  • Technical training for developers and administrators (application security, pentest, best practices).
  • Cybersecurity awareness sessions for employees.

Each mission includes:
  • a detailed report with exploitation proof
  • risk prioritization
  • concrete remediation recommendations
  • a debriefing session with technical teams to discuss and transfer skills

Example report and methodology details available upon request.
Consulting and Audits
Digital and IT Services
Telecommunications

  • French

    Native or bilingual

  • English

    Fluent

Can work on-site
Lyon (up to 50km), Aix-en-Provence (up to 30km), Lyon (up to 100km), Paris (up to 30km), Marseille (up to 30km)

Experience

  • ETHICAL PIANISM
    Pentester
    November 2019 - Today (6 years and 7 months)
    Freelance Pentester since 2019, working for startups, SMEs, and large corporations to identify and fix vulnerabilities before they are exploited.

    Main missions:

    • Web penetration tests: SaaS applications, APIs, internal portals.
    • Cloud Audit: Security of AWS and GCP environments, IAM configurations, storage, data exposure, and cloud attack surface.
    • Infrastructure penetration tests: Active Directory, internal networks, privilege escalation, lateral movement, critical account compromise.
    • Red Team: Realistic attack simulations to assess the detection and response capabilities of teams.
    • Phishing and awareness campaigns: Social engineering tests to measure employee resilience.
    PenTest Cybersecurity Security Audit Web Pentest Internal Pentest
  • Yes We Hack
    Bug Bounty Hunter
    DIGITAL AND IT
    May 2024 - Today (2 years and 1 month)
    Active bug bounty hunter on public and private programs, specializing in discovering vulnerabilities on web applications and APIs.

    Work on:

    • Classic and advanced vulnerabilities: Chaining vulnerabilities, SSRF exploitation, authentication bypass, injections, IDOR, and access control circumvention.
    • Application logic analysis: Identifying flaws related to design errors or business logic.
    • Cloud and API environment testing: Misconfigurations, exposed endpoints, poor token and permission management.
    • Reporting and communication with security teams: Submitting vulnerabilities with detailed PoCs, evidence, and remediation recommendations.
    PenTest Web Pentest Bug Bounty
  • NSOC
    Cybersecurity Engineer
    TELECOMMUNICATIONS
    March 2018 - December 2018 (10 months)
    Lyon, France
    Participation in IT security and systems administration activities as part of a cybersecurity apprenticeship.

    Involvement in several aspects of infrastructure and application security, including:

    • Performing black-box penetration tests to identify exploitable vulnerabilities on exposed systems
    • Administration and securing of network infrastructure (OpenLDAP directory management, Fortinet firewall configuration, access management)
    • Participation in GDPR compliance efforts and improvement of data protection practices
    • Development of Python scripts to automate certain security and administration tasks

    This experience allowed me to work on both offensive (pentest) and defensive (administration and compliance) aspects, while developing tools to improve operational efficiency.
    PenTest GDPR Cybersecurity Phishing Network Administration
Check out Amaury's experience

Reviews

5.0

Out of 11 ratings

R

Romain

CTO - SCAN MATCH

Reviewed on 2/9/2026

Amaury performed a complete and rigorous pentest of several of our platforms, including an initial audit and a re-audit. The work provided is of high quality; we particularly highlight his attention to detail, his analytical skills, and the relevance of his investigations. I recommend!
S

Simon

Invent App

Reviewed on 4/28/2023

The mission went very well, we are very satisfied with the quality of Amaury's work and advice/feedback.
Show all 11 reviews

Recommendations

CG
TG
Alix G.AG
+1
Clémentine Gacon and 3 other people have recommended Amaury

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Master "Cybersecurity Expert"
    It-Akademy
    2018
  • Self-taught training
    -
    Formation en autodidacte sur root-me.org (2500 points), microcorruption (500 points), avec laboratoire de pentest et lecture de livres spécialisés.
Check out Amaury's education

Certifications

  • Comptia Pentest+
    Comptia Pentest+
  • Vice-Champion of France Cybersecurity
    WorldSkills
    2022
Amaury's certifications are only visible to Malt Community members

Skill set

Audit
Awareness
OWASP
GDPR
IT Security
Security
Training
Phishing
IT Security
Network Security
Internal Pentest
Web Pentest
Pentesting
ISO 27001
Regulatory Compliance
cloud pentest
application pentest
Penetration Testing
Risk and Vulnerability Assessment
Security Awareness Training
SaaS pentest
API Pentest
Active Directory pentest
cloud audit

Categories