Helping developers build secure systems in an insecure world.
π Based in Europe | Available remotely
Technology is moving fast β but so are threats.
My mission is to protect meaningful digital products before someone else breaks them.
I work with creators and builders, helping them challenge assumptions and secure the parts of their systems that are often overlooked.
To me, offensive security is not about chaos β it's about clarity.
I donβt just look for whatβs broken. I question what was assumed to be safe.
I specialize in Web & API Pentesting, with hands-on experience in:
- Application-layer vulnerabilities: XSS, SQLi, RCE, authentication bypass
- API testing: BOLA, IDOR, Broken Auth, insecure tokens
- Cloud misconfigurations: exposed S3 buckets, metadata abuse, IAM flaws
- Logic flaws and chained vulnerabilities
- Manual recon, chaining attack vectors, and tailored exploitation
- Clean, actionable reports that developers actually use
- Nmap β for precise scanning, service detection, custom NSE scripts
- ffuf β for fast and recursive directory and parameter fuzzing
- Burp Suite β manual request analysis, interception, and chaining
- SQL techniques β error-based, boolean-based, time-based injections and bypasses
- Netcat, curl, dig, whois β essential tools for live network and service inspection
- Wireshark β for low-level packet analysis when recon requires depth
-
β eJPTv2 (82%) β INE / OffSec
-
β ICCA (95%) β INE Certified Cloud Auditor
-
π― Currently Preparing:
- OSCP β Offensive Security
- CPTS β Hack The Box
-
π« MSc in Cybersecurity β University of Warsaw
-
π§ Full-time Technical Training β 42 School Warsaw
-
π BSc in Sociology β Sorbonne (Paris I)
-
π WebApp-Pentest-Report
A real-world security audit for a SaaS platform, focused on SOC2/ISO27001 compliance. -
π Matrix-Themed Portfolio
My cyberpunk-inspired site built to showcase skills, mindset, and code. -
π Nmap Cheatsheet
Recon and enumeration techniques tuned for practical web assessments.
"Patryk performed external penetration tests and delivered a detailed, well-structured report with clear explanations and actionable recommendations. We were able to fix multiple vulnerabilities and significantly strengthen our security posture."
β Karol Obrebski, CEO, CargoAssistant
"Patryk demonstrates an exceptional eagerness to learn and develop professionally. His positive attitude and enthusiasm make him an ideal candidate for any junior cybersecurity or DevOps position."
β Alexander Sadowski, Senior Engineer, SoftServe
"Instead of doing standard 42 school tasks, Patryk rooted a machine. If you're looking for a pentester who not only finds vulnerabilities but truly understands their impact β I strongly recommend him."
β Bartosz P. Krok, Cybersecurity Engineer in Training
- π Hack The Box β pkieszek
- π HackerOne β researcher (Private program testing)
- βοΈ Medium β @cybernomad42
"I donβt hack for noise. I hack to understand what others overlook."