
What I Offer

Depending on your needs, I offer the following services, individually or combined:

External Pentest

Penetration tests conducted from the Internet without any prior access to the information system. The goal is to identify vulnerabilities exposed by your public IP addresses, domain names, or other publicly accessible resources. I act here as an external attacker, with access only to freely available information about your company (domain and subdomain names, public Git repositories, files indexed by search engines, data exposed via Shodan/Censys, etc.). This type of audit provides a concrete assessment of the risks posed by a cybercriminal with only an Internet connection and technical skills.

Web/Cloud Application Pentest

Web applications are prime targets, with new vulnerabilities discovered daily. This type of audit is more focused than an external pentest: you provide me with the list of applications to test, and I concentrate my efforts on those. The goal is to identify exploitable flaws such as remote code execution (RCE), extraction of sensitive data (e.g. SQL injection, authorization flaws), authentication bypass, exploitation of a public S3 bucket to access other Cloud resources, etc. This test checks your applications' resilience against realistic attacks, in either an authenticated or an unauthenticated context, depending on the case.

Internal Pentest

Penetration tests performed from inside your network to assess the resilience of your internal infrastructure. I take on the role of an attacker who has managed to access your local network (physically or remotely). This audit requires a VPN connection simulating on-site presence. It identifies vulnerabilities that could be exploited in case of internal compromise following impersonation, phishing, insider threats, infiltration during events, etc. The objective is to measure the risks of lateral movement, pivoting, privilege escalation, or access to sensitive data after the first layer of defense is breached.

Active Directory Pentest

Security assessment of your Active Directory environment: Kerberos, GPOs, user accounts, delegated rights, etc. This type of audit is typically a sub-category of the internal pentest. The goal is to analyze AD access available on the network and assess what an attacker could do with it. I use various AD reconnaissance and privilege escalation techniques to determine how far an attacker could go if present within your system. Gaining control of the AD directory allows attackers to take over all domain-connected machines, change security policies, exfiltrate sensitive data, or deploy ransomware at scale. Active Directory is therefore a strategic target and should be regularly tested and reviewed.

Phishing Campaign

Realistic email-based attack simulations designed to raise awareness among your staff about compromise risks. Phishing remains one of the most common attack vectors, due to its ease of execution—even by inexperienced attackers. Without sufficient vigilance, a cybercriminal can easily obtain authenticated access to your Cloud/Web apps or inject a malicious payload into your internal network. I design credible, targeted phishing emails based on publicly available information about your company—and optionally, the tone or writing style of certain employees—to maximize the impact. I set up one or more capture mechanisms tailored to the scenario (e.g. fake login page, malicious file, etc.) to collect input data or user actions (credentials, file execution, etc.). The goal is to concretely assess your exposure level and provide detailed feedback on the accesses or behaviors observed, to guide your awareness and security measures.

Recurring Pentest

Just like a medical checkup or vehicle inspection, a pentest offers a snapshot of your systems' security at a given moment. It's recommended to perform such audits regularly: your infrastructure evolves, up-to-date systems can become obsolete, and new vulnerabilities are constantly being discovered. For recurring collaboration, I offer a preferential daily rate of €400 starting from the second mission. No contractual commitment is required—I prioritize trust-based relationships. This rate remains valid as long as at least one mission is performed annually for your organization.