Freelancer profile translated to English.

Description

I help companies and individuals identify, understand, and fix security vulnerabilities before attackers exploit them.

Since 2012, I've been testing systems, web applications, and network infrastructures — and delivering clear, actionable reports without unnecessary jargon.

🔍 Over 100 clients assisted

🛡️ 98% satisfaction rate

⚡ 24/7 Emergency Interventions

🌐 Specialist in Web, Network & Full Infrastructure Pentesting

My Services

Custom Pentest & Security Audits + Regular PTaaS Audits

➡️ Comprehensive assessment of your web applications, APIs, network infrastructure, and information systems. From Starter Pentest (VSEs, showcase websites) to Premium Pentest (SMEs, e-commerce), with exhaustive reports and video debriefing sessions.

Red Team Assessment

➡️ Realistic APT attack simulation over several weeks: Social Engineering (phishing, vishing, pretexting), physical access, advanced compromise. For organizations wanting to test their real defenses.

➡️ Each vulnerability documented with its criticality level

➡️ Rapid intervention to regain control, secure your data, and implement an immediate action plan.

➡️ Complete security (blue team) of your infrastructure.

Training & Awareness

➡️ Your teams are your first line of defense. Phishing simulations, best practices, security culture: I train your employees on real threats.

Key Skills

Penetration Testing (Web, API, Network, Infrastructure)

OSINT & Dark Web Analysis (exposed credentials, data leaks, forum infiltration)

Red Team / Social Engineering

Critical Vulnerability Analysis (OWASP, NIST, ISO 27001)

CEH, OSCP Certifications

GDPR Compliance Audit

Simplified technical report writing

My Approach

I deliver a complete PDF and explain what's broken, why it's dangerous, and how to fix it.

🔗 — Cybersecurity Expert since 2012

Industry field of expertise

Languages

French
Native or bilingual
English
Fluent

Workplace preferences

Remote only

Primarily works remotely

WHITE-HAT.FR
Founder
TECH
January 2022 - Today (4 years and 5 months)
Paris, France
- Security audits and penetration testing on web applications, APIs, and network infrastructures (Pentest Starter, Premium Pentest, Red Team offers)
- Writing comprehensive audit reports with video conferencing restitution
Real attack simulations (Red Team Assessment): phishing, vishing, social engineering, infrastructure compromise
- OSINT & Dark Web analysis (search for exposed credentials, data leaks)
- 24/7 emergency assistance for individuals and companies victims of hacking
GDPR compliance consulting
- Training and awareness for teams on cyber threats (phishing, social engineering)
- Development and operation of the White-Hat.fr SaaS (Laravel 12, Docker, Stripe, multilingual FR/EN)
- Production of cybersecurity educational content (blog, technical write-ups)
Bash Script Shell Linux
Deuscom
Cybersecurity Expert
TECH
May 2021 - December 2021 (7 months)
Massy, France
- Audit of web applications and exposed services.
- Evaluation of security awareness within the company.
- Testing authentication and authorization mechanisms.
- Verification of resistance to denial-of-service attacks.
- Analysis of security policies and internal procedures.
- Verification of compliance with security standards.
- Simulation of targeted attacks and realistic scenarios.
- Evaluation of database security.
- Search for security flaws in applications and protocols.
Phishing Reverse Engineering PHP XSS
QUETZALYS SAS
Pen-tester
RETAIL (SMALL BUSINESS)
October 2014 - April 2021 (6 years and 6 months)
Boulogne-Billancourt, France
- Regular security audits on internal SaaS (native PHP): code review, identification of SQL injection, XSS, CSRF flaws, poor session and access rights management
- Penetration tests on PrestaShop store: third-party modules, API, exposed attack surface
- Analysis of vulnerabilities related to online payments and customer data protection (PCI-DSS, GDPR)
- Implementation of internal security policy: server hardening, access management, secure development rules
- Correction and developer support: training in OWASP best practices, security code reviews
- Incident monitoring and response: log monitoring, intrusion detection, alert management
- Writing vulnerability reports for technical management
Participation in architecture decisions to integrate security from design (shift-left)
- Continuous monitoring of CVEs and new attack techniques targeting the PHP/PrestaShop ecosystem
Prestashop PHP