Tomasz Targiel

usługi IT

Provided services

✱ Web App Pentesting ✱ Mobile App Pentesting ✱ API Pentesting ✱ Cloud Security Assessment ✱ Network Pentesting ✱ Red Teaming

Trusted by the WIG 20 companies, as well as many other well-known companies from various industries, including banking, IT, e-commerce, healthcare, and energy, in locations throughout Europe.

About me

Background. My journey into cybersecurity is built on a unique foundation of a Bachelor's in Socioeconomics and an Engineering degree in Applied Computer Science from Wrocław University. This interdisciplinary background provides a distinct perspective on both the human and technical aspects of security.

Experience. My practical skills were sharpened during a cybersecurity-focused exchange at Saarland University, where I became an active member of the `saarsec` hacking team. Currently, I apply this knowledge as a Penetration Tester at ISEC, helping clients identify and mitigate real-world threats.

Approach. I approach every engagement with an analytical mindset, prioritizing methodical and detail-oriented work. From reconnaissance to reporting, I focus on delivering clear, actionable insights that empower organizations to strengthen their security posture effectively.

Beyond work. Biking and hiking keep me balanced. Exploring new trails and challenging myself outdoors is about pushing limits and continuous improvement - a philosophy I carry into my professional work.

Tomasz Targiel usługi IT

Sole Proprietorship Information

Address: ul. Bohaterów II Armii Wojska Polskiego 14F, Zgorzelec, 59-900, Poland

Email:

My Pentesting Methodology

RECONNAISSANCE

Every engagement begins with meticulous planning and information gathering. I define the scope and rules of engagement, then use passive and active techniques to map your attack surface and identify potential entry points.

EXPLOITATION

With a clear picture of your environment, I simulate real-world attacks to exploit identified vulnerabilities. This phase is conducted safely and ethically to demonstrate impact without disrupting your operations.

ANALYSIS

Successful exploits are just the beginning. I perform post-exploitation analysis to determine the full extent of a potential breach, including privilege escalation, lateral movement, and data exfiltration capabilities.

DELIVERY

You receive a comprehensive report detailing all findings, their risk levels, and potential business impact. I provide clear, actionable recommendations for remediation to strengthen your security posture.

Services

I offer a range of offensive security services designed to identify and mitigate risks, tailored to your specific technology stack and business context.

[01] Web & Mobile App Pentesting

Comprehensive security testing of your web, mobile, and API applications. This includes vulnerability identification (e.g., SQL injection, XSS, insecure storage, improper platform usage) and follows standards such as OWASP Top 10 and MASVS.

[02] Cloud & Network Security Assessment

Assessment of your cloud infrastructure (AWS, Azure, GCP) and network environments (e.g. Active Directory) for misconfigurations, excessive permissions, vulnerable services, and weak protocols. Recommendations are provided to secure your assets and comply with best practices.

[03] Red Teaming & Social Engineering

Simulating real-world, objective-based attacks to test your organization's detection and response capabilities. Includes phishing, vishing, and physical security tests to evaluate your human firewall.