You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Hazem B.HB

Hazem B.

Pentesting Engineer - Penetration Testing - CEH, eJPT

€550/day
Paris, FR
3-7 years

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Hazem

I am an offensive Cybersecurity expert: penetration testing, cybersecurity enthusiast. Also a bug bounty hunter, I have been recognized by Microsoft, Facebook, Intel.. etc for reporting security vulnerabilities.
My skills allow me to find an intrusion method to any computer system.

I have the following CVEs:
CVE-2024-50410: CVE-2022-26024: CVE-2021-33089:
  • French

    Native or bilingual

  • English

    Fluent

  • Arabic

    Native or bilingual

  • Spanish

    Conversational

Can work on-site
Paris (up to 50km)

Experience

  • DB&M PARTNERS
    Offensive Security Consultant - Experienced
    DIGITAL AND IT
    February 2025 - April 2026 (1 year and 2 months)
    Paris, France
    - Pentests of websites and mobile applications
    - Vulnerability assessment and recommendations
    - Network, cloud, mobile, social engineering pentesting, etc.
    - Writing audit reports
    - Presenting audits during restitution meetings
    - Pentest: web application audits (OWASP), AD/infra tests, exploit writing (XSS, IDOR, SSRF, RCE), Burp plugins and automation scripts (Python/Bash), source code and configuration audit.
    Pentests of Websites, AI, and mobile applications.
    Mission management: planning from A to Z (kick-off, scope definition, milestones, SLAs), leading meetings, preparing materials, monitoring until final restitution.
    - Fuzzing & Reverse: design of targeted fuzzers (image/stream analyzers), crash analysis (ASAN/UBSAN), DLL/binary reverse engineering (Ghidra, WinDbg) and development of non-destructive PoCs.
    - Achievements: - Compromise of an Active Directory with ~50k users (controlled environment); mapping, privesc, and pivot. - Bypass of business rules / filtering (WAF/ACL) demonstrating business impact.
    - Vulnerability assessment and recommendations.
    - Network, cloud, mobile, social engineering pentesting, etc.
    PenTest Web Pentest Penetration Testing Pentester Cybersecurity
  • Itiviti
    Cybersecurity Analyst
    BANKING AND INSURANCE
    December 2021 - August 2023 (1 year and 8 months)
    Paris, France
    - Define security rules
    - SOC analyst
    - Penetration testing - Pentester
    - Fix and patch vulnerabilities
    - Define security policy
    - Incident management
    Cybersecurity Investigation PenTest Incident Management Python
  • knowsec
    Independent Penetration Tester
    CONSULTING AND AUDITS
    August 2022 - September 2023 (1 year)
    - Collaborating with Knowsec, a penetration testing and vulnerability assessment company and a leading secure development company, as an independent penetration tester.
    - Performing comprehensive penetration tests on websites and mobile applications developed by Knowsec for clients, ensuring the implementation of robust security measures.
    - Working closely with a highly skilled and globally recognized penetration testing team at Knowsec to identify vulnerabilities and mitigate potential threats.
    - Specializing in various penetration testing techniques, including network infrastructure testing, agile penetration testing, cloud penetration testing, wireless penetration testing, social engineering, and mobile penetration testing.
    - Contributing to enhancing the overall security of clients' digital assets by providing detailed vulnerability assessment or penetration testing reports and recommending effective solutions.
    - Played a crucial role in strengthening clients' cybersecurity defenses by discovering vulnerabilities before they could be exploited by malicious actors.
    - Providing valuable insights and recommendations to clients through cybersecurity guidance services offered in collaboration with Knowsec, helping them navigate the complex cybersecurity landscape.
    - Professionalism, expertise, and commitment to excellence in every project, aligning with Knowsec's mission to deliver secure and customized digital solutions to clients worldwide.
    Penetration Testing Penetration Testing Security Audit PenTest Web Pentest

Recommendations

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Education

  • Cybersecurity and Computer Networks Engineer
    Esiee Paris
    2022
    - Cybersécurité - supervision informatique - réseaux et systèmes d'information - test d'audit et pentest - développement python,c

Certifications

Skill set

Categories