You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Yahya OumaniYO

Yahya Oumani

🚀Cyber - 🗡️Web & Network Pentester - 📝 EBIOS RM

€125/day
Rennes, FR
0-2 years
PenTest
Risk Analysis
Security Audit
Active Directory
Web Application Security

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Yahya

👤 Who am I?
I am a cybersecurity consultant and pentester, a graduate of IMT Atlantique.
With practical experience in missions, I work on technical subjects (penetration tests) as well as organizational ones (risk analyses, compliance).

❓ Why hire me?
Because I can think like an attacker while mastering the requirements of defense:
🎯 Offensive vision and security governance
🧠 Ability to understand your business and technical challenges
📝 Production ofclear, rigorous deliverablesadapted to each audience
Responsivenessand commitment: your deadlines are mine

🧰My skills
🔐 Penetration tests:
  • Environments: web applications, exposed infrastructures, Active Directory
  • Methods: Black Box, Grey Box, internal/external

📊 Audits and governance:
  • EBIOS RM, ISO 27001, NIS2
  • Risk analysis, awareness, recommendations

🛠️ Tools used:
Burp Suite, Nmap, SQLMap, BloodHound, CrackMapExec, etc.

Consulting and Audits
Education Companies
IoT (Internet of Things)
Digital and IT Services

  • French

    Native or bilingual

  • English

    Fluent

  • Arabic

    Native or bilingual

Can work on-site
Rennes (up to 50km), Paris (up to 50km)

Experience

  • ORNISEC
    Cybersecurity Consultant and Auditor
    CONSULTING AND AUDITS
    September 2024 - Today (1 year and 9 months)
    Rennes, France
    • **Penetration tests targeting web applications and server infrastructures exposed on the Internet**: In-depth analysis of attack surfaces, identification of technical vulnerabilities (injections, misconfigurations, authentication flaws...), reasoned exploitation of flaws, and technical and managerial restitution of results through detailed report writing.
    • **Internal penetration tests in an Active Directory environment**.
    *Wifi Audits using Wifi Pineapple


    Tools and technologies used:Nmap, BurpSuite, Gobuster, FFUF, wpscan, GitTools, SQLMap, nikto, metasploit, hashcat, Bloodhound, PingCastle, Responder, Impacket, mimikatz…

    • **GRC Missions**: **Risk analysis following the EBIOS RM method**, organizational audits within the framework of compliance efforts (ISO/IEC 27001, NIS2, 3CFv2, DORA), information system architecture audits, evaluating resilience and network segmentation, DiagCyber BPI France.
    GRC Risk Analysis Web Application Security Security Audit PenTest
  • CHU de Nantes
    Data Analyst
    May 2024 - August 2025 (1 year and 3 months)
    Nantes, France
    • Evaluation and improvement of an automatic segmentation model for PET imaging
    • Cleaning and harmonization of test data.
    • Implementation of metrics to evaluate the model.
    • Model improvement.
    Tools and technologies used: Python, Numpy, Pandas, Pytorch.

Recommendations

Be the first to recommend Yahya

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Cybersecurity Engineer
    IMT Atlantique
    2025
    - Droit et politique de la cybersécurité, Sécurité des Réseaux, Sécurité des Systèmes d'exploitation, Cryptologie, Pentest, DevSecOps, Sécurité de l'IOT - Développement logiciel, Machine learning et Deep learning.

Certifications

Skill set

GRC
EBIOS RM
Wordpress Site

Categories