Nathan
StchepinskyNathan Stchepinsky
StchepinskyNathan Stchepinsky
Cybersecurity Engineer, open-source developer & contributor.
Cybersecurity Engineer, open-source developer & contributor.
iA Financial Group is a Canadian insurance and wealth management company. As pentester, I am responsible for identifying and exploiting vulnerabilities in the company's systems, applications, and infrastructure. I conduct thorough security assessments, including penetration testing, vulnerability scanning, and risk analysis. I work closely with the IT and security teams to develop and implement effective remediation strategies to mitigate identified risks.
Pentest
Kali
Linux
Go
Python
I-Tracing is a cybersecurity major playor of 600 committed cybersecurity experts in France, Switzerland, Great Britain, Hong Kong, Canada, China and beyond delivers transformative know-how from consulting to integration and managed services, SOC and CERT Follow The Sun 24/7. As analyst SOC I am responsible for overseeing layers 1, 2, and 3 of security operations for a major client within a security firm. Tasks include thorough investigation, incident response, and initial remediation efforts. Proficient in utilizing Endpoint Detection and Response (EDR) tools and Security Information and Event Management (SIEM) systems. I operate independently during shifts, managing a significant client's security needs. Proficient in Incident Response Plans (IRP), playbook development, and real-time attack mitigation strategies.
Blue team
Splunk
SentinelOne
XSOAR
Incident response
Real-time remediation
IRP
playbook
Cyber threat hunting
Dental Monitoring is an international french company specialised I made a complete study of the criticality of all company’s projects (website, mobile applications, servers, AWS infrastructure, ...). For my second intership as pentester in a row, I was in charge of the red team and the blue team. I made a complete study of the criticality of all company’s projects (website, mobile applications, servers, AWS infrastructure, ...), exploited dozens of vulnerabilities and made a complete report of them (with the solutions to fix them).
Pentest
Linux
PHP
Python
AWS
Risk
analysis
Vulnerability
Report
iOS
Web application
API
MiNET association is a non-profit organization, Internet provider of the MAISEL SudParis 900’s students since 1991.
As a system and network administrator at MiNET, I have in particular developped a cloud platform to host VMs on dedicated servers and managed by the self-host hypervisor, Proxmox, and by the user via a self made, open source, web application.
As president of the Association for 1 year, I managed 30 volunteers, 4 clubs, a huge infrastructure in 8 buildings and a 100k€ budget for its development.
Proxmox
CEPH
Cisco
Docker
Linux
Bash
Python
GIT
Ansible
System administration
LXC & qemu
Gitlab CI-CD
Dental Monitoring is an international french company specialised I made a complete study of the criticality of all company’s projects (website, mobile applications, servers, AWS infrastructure, ...). After 2 months of work, in collaboration with the developers, I discovered and documented 30 pages of vulnerabilities
Pentest
Kali
Linux
PHP
Python
AWS
Risk
analysis
Vulnerability
Report
Development and publication of a free and 100% open source, self-host, 2FA web-application using a Zero-Knowledge Infrastructure to safely store and easily retrieve your 2FA codes.
An open-source newsletter script, written in Python, based on Jellysfin's API to send a monthly (or weekly) newsletter to your users with the latest movies and series added to your Jellyfin server.
A simple and easy to use healthcheck script for Galera Cluster, written in Python, to monitor the health of your Galera Cluster and send alerts in case of failure.
Development of a 100% open-source and free cloud hosting application based on a dedicated proxmox cluster and a web interface for managing virtual machines. All VMs and platform were self-host behind our own infrastructure.
iLocked is an open-source iOS application which goal is to be able to intuitively and easily send critical information through not encrypted channels (using RSA-4096).