Freelancer profile translated to English.
Back to original languageAbout Patryk
Web & API Pentester with an offensive, results-oriented approach.
Certified eJPT, ICCA, and ISO 27001 Internal Auditor, I conduct penetration tests targeting web applications, APIs, and SaaS environments under real-world conditions. I gained my experience as a pentester at NASK, the Polish national cybersecurity research institute, where I performed security assessments in production and contributed to vulnerability research that led to a CVE attribution.
Since then, I operate as a freelancer, undertaking commercial pentest missions and Bug Bounty programs on various platforms including HackerOne, with technical reports aligned with OWASP, ISO 27001, GDPR, and SOC 2 requirements. I am currently preparing for the CPTS (Hack The Box) and OSCP certifications.
Educated in both the humanities and code, I studied sociology at Sorbonne University before diving into ethical hacking. My technical foundations were strengthened by intensive training at 42 School in low-level programming - C, C++, Bash, and Python, enabling me to analyze systems in depth and understand business risk.
My approach is pragmatic and offensive: I seek exploitable vulnerabilities, assess their real business impact, and deliver concrete recommendations, accessible to all stakeholders.
I work in French, English, Spanish, and Polish, remotely or occasionally in person. If you are developing a high-potential solution, I can help make it more secure without unnecessary jargon.
Polish
Native or bilingual
French
Native or bilingual
English
Fluent
Spanish
Conversational
Can work on-site
Paris (up to 50km)
Experience
- NASK - Institut national de recherche en cybersécurité (Pologne)Intern PentesterCONSULTING AND AUDITSOctober 2025 - January 2026 (3 months)Varsovie, Poland- Conducted penetration tests on web applications in internal and production environments, identifying critical vulnerabilities related to authentication, session management, and access control by applying the OWASP Top 10 methodology.- Performed security assessments on internal networks as part of structured audits, contributing to the drafting of risk-oriented reports transmitted to stakeholders.- Contributed to vulnerability research that led to a CVE attribution, by responsibly identifying and disclosing a flaw discovered during a real-world audit.- Participated in security audits aligned with industry compliance frameworks, supporting the documentation and analysis of results across multiple engagements.
- MyDataSolutionsExternal Cybersecurity ConsultantCONSULTING AND AUDITSMay 2025 - September 2025 (4 months)Paris, FranceEngaged as a freelancer to support audits, risk assessments, and compliance validations, with a focus on technical analysis, data protection, and the implementation of security controls for public and private clients.
- patsecuCybersecurity Consultant / PentesterCONSULTING AND AUDITSNovember 2024 - Today (1 year and 7 months)Paris, France- Conducted a comprehensive commercial penetration test on a SaaS web application, covering OWASP Top 10 attack vectors, by combining manual and automated assessments on authentication, access control, and business logic layers.- Produced a risk-oriented technical report with proof-of-concept demonstrations for each finding, enabling the client to prioritize and initiate remediation immediately after delivery.- Contributed to vulnerability research that resulted in a CVE attribution during work at NASK, the Polish national cybersecurity institute, by responsibly identifying and disclosing a flaw discovered in a production environment.- Developed reusable pentest and audit templates aligned with ISO 27001 and PTES frameworks, standardizing assessment workflows across engagements.- Actively identified security vulnerabilities on multiple bug bounty platforms, including HackerOne, targeting authentication flaws, broken access controls, and client-side exposures in real production environments.
Recommendations
Be the first to recommend Patryk
Help this freelancer shine by sharing your experience working together.
These freelancer profiles also match your criteria
Agatha Frydrych
Backend Java Software Engineer
4.7
(3)
2
Baptiste Duhen
Fullstack developer
4.6
(4)
5
Amed Hamou
Senior Lead Developer
4
(2)
7
Audrey Champion
Web developer
4.3
(3)
4
Education
- Master's in CybersecurityUniversity of WarsawMaster's in Cybersecurity
- Programming Training42 School2026C, C++, Bash, Python
Certifications
- eJPTINE (INE Security / eLearnSecurity)2025
- ICCAINE2025